l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2001 Dec 30 17:10

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] adventures in NFS land
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] adventures in NFS land

If you're looking for secure file sharing over the Internet, you might want to consider the Self-certifying File System (SFS, http://www.fs.net/).  When combined with OPIE (one time passwords), it's pretty darn secure, but you do need a challenge response generator on-hand (like PalmKey for the Palm).

-- G

begin  Peter Jay Salzman quotation:
> dear all,
> i just configured nfs for the first time from scatch.  it was easy.  took me
> under 20 minutes to do.
> 8 minutes: reading the howto.  actually, i simply skimmed paragraphs that
>    looked sorta important.
> 10 minutes: browsed through the google newsgroups to look for mention of
>    "rpc: connection refused" error.  google didn't pan out (but lots of people
>    asked the same question).  i found the answer by going back to the howto.
> the funny thing is that the howto is kind of outdated for what i'm using --
> the kernel NFS feature, rather than user space NFS.
> the kernel space NFS is supposed to be faster, but is also supposed to be
> harder to debug.  here is the outline of the steps:
> 1. compile the kernel on the server with "kernel nfs server support"
>    include nfs 3 support.
> 2. compile the kernel on the client with "kernel nfs client support"
>    include nfs 3 support.
> 3. edit /etc/hosts.allow, /etc/hosts.deny for security  here's the deny file:
>    portmap: ALL
>    lockd: ALL
>    mountd: ALL
>    rquotad: ALL
>    statd: ALL
> and here's the allow file:
>    portmap: lucifer.diablo.net
>    lockd: lucifer.diablo.net
>    rquotad: lucifer.diablo.net
>    mountd: lucifer.diablo.net
>    statd: lucifer.diablo.net
> 4. make the file /etc/exports.  here's mine.  i simply mount /home on the
>    remote machine.
>       /home
> 5. /etc/init.d/nfs start
> 6. run rpc.mountd, rpc.nfsd and rpc.lockd on the server.  (this was teh step
>    i was missig that caused the rpc: connection refused" message.
> 7. on the client,
>      lucifer# mount satan:/home /home
> 8. wait a bit
> and suddenly, i now have my home directory shared between my 2 computers.
> very cool.  my bookmarks, my files; everything is available to me on both
> computers.  no more wondering if i left a particular file on this machine or
> that machine...
> i'm behind a pretty strong firewall, so running nfs on my home network
> doesn't pose much of a threat.  although if i'm wrong, someone please speak
> up!  :)
> if anyone has any tips on optimizing nfs or making it more secure, i'm all
> ears too.
> pete
> -- 
> "You may not use the Software in connection with any site that disparages
> Microsoft, MSN, MSNBC, Expedia, or their products or services ..."
>                     -- Clause from license for FrontPage 2002

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!