[gentoo-user] the most secure shared network system? Coda/NFSv4/others?

[gentoo-user] the most secure shared network system? Coda/NFSv4/others?

[张韡武]

[-- Attachment #1: Type: text/plain, Size: 1449 bytes --]

Hello. My purpose of using a network file system is to back up my web
server. For some special reason the backup application I am using need
to directly access a mounted network file system rather then using a SSH
connection.

For me, security is the biggest concern. The backup script should be
able to connect to web server through encrypted TCP connection. Other
features like being robust, being able to handle 1000 connections, local
cache, offline, flexible ACL ... are not important. In my case, what is
the best network file system for me?

NFSv4 can use TCP, however I cannot find crypto information about NFSv4,
but I do find some info about encrypted RPC on google, probably that
means if I use encrypted RPC then I got encrypted NFS? A small advantage
of NFS over coda is that I already used NFS for years (is familiar with
that). Also NFS has no status, that is, I can mount once, backup every
night; if the office network is down and back, as long as it's not down
during backup, I don't have to re-connect (re-mount). Our office network
gets down and back automatically once several days, it's impossible to
maintain a TCP connection for days.

Coda seems to be the best choice because articles on the web suggested
this file system is created "with security in mind". But I never know
any person using this in real life (not used widely) and is not familiar
with it, thus I must ask for advice on this list.

[-- Attachment #2: 这是信件的数字签名部分 --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] the most secure shared network system? Coda/NFSv4/others?

[Boyd Stephen Smith Jr.]

[-- Attachment #1: Type: text/plain, Size: 841 bytes --]

On Sunday 29 October 2006 06:48, 张韡武 <zhangweiwu@realss.com> wrote 
about '[gentoo-user] the most secure shared network system? 
Coda/NFSv4/others?':
> Hello. My purpose of using a network file system is to back up my web
> server. For some special reason the backup application I am using need
> to directly access a mounted network file system rather then using a SSH
> connection.
>
> For me, security is the biggest concern. [W]hat is
> the best network file system for me?

I would go with AFS, but that entails setting up Kerberos, which might be 
more work that you feel like performing.

-- 
"If there's one thing we've established over the years,
it's that the vast majority of our users don't have the slightest
clue what's best for them in terms of package stability."
-- Gentoo Developer Ciaran McCreesh

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] the most secure shared network system? Coda/NFSv4/others?

[Etaoin Shrdlu]

On Sunday 29 October 2006 13:48, 张韡武 wrote:

> Hello. My purpose of using a network file system is to back up my web
> server. For some special reason the backup application I am using need
> to directly access a mounted network file system rather then using a
> SSH connection.
>
> For me, security is the biggest concern. The backup script should be
> able to connect to web server through encrypted TCP connection. Other
[cut]

What about sshfs? It's based on fuse and it's in portage. It only 
requires that ssh is enabled on the server, which it probably already 
is.

# eix sshfs
* sys-fs/sshfs-fuse
     Available versions:  1.6 ~1.7
     Installed:           none
     Homepage:            http://fuse.sourceforge.net/sshfs.html
     Description:         Fuse-filesystem utilizing the sftp service.


-- 
gentoo-user@gentoo.org mailing list