l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 24: LUGOD election season has begun!
Page last updated:
2001 Dec 30 17:10

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] adventures in NFS land
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] adventures in NFS land



Now this is something like what I had in mind!  When you say "challenge response generator", do you mean something like SSH?  (I'm not familiar with Palm).

A.

Geoffrey Herteg wrote:

> If you're looking for secure file sharing over the Internet, you might want to consider the Self-certifying File System (SFS, http://www.fs.net/).  When combined with OPIE (one time passwords), it's pretty darn secure, but you do need a challenge response generator on-hand (like PalmKey for the Palm).
>
> -- G
>
> begin  Peter Jay Salzman quotation:
> > dear all,
> >
> > i just configured nfs for the first time from scatch.  it was easy.  took me
> > under 20 minutes to do.
> >
> > 8 minutes: reading the howto.  actually, i simply skimmed paragraphs that
> >    looked sorta important.
> >
> > 10 minutes: browsed through the google newsgroups to look for mention of
> >    "rpc: connection refused" error.  google didn't pan out (but lots of people
> >    asked the same question).  i found the answer by going back to the howto.
> >
> > the funny thing is that the howto is kind of outdated for what i'm using --
> > the kernel NFS feature, rather than user space NFS.
> >
> > the kernel space NFS is supposed to be faster, but is also supposed to be
> > harder to debug.  here is the outline of the steps:
> >
> > 1. compile the kernel on the server with "kernel nfs server support"
> >    include nfs 3 support.
> > 2. compile the kernel on the client with "kernel nfs client support"
> >    include nfs 3 support.
> > 3. edit /etc/hosts.allow, /etc/hosts.deny for security  here's the deny file:
> >
> >    portmap: ALL
> >    lockd: ALL
> >    mountd: ALL
> >    rquotad: ALL
> >    statd: ALL
> >
> > and here's the allow file:
> >
> >    portmap: lucifer.diablo.net
> >    lockd: lucifer.diablo.net
> >    rquotad: lucifer.diablo.net
> >    mountd: lucifer.diablo.net
> >    statd: lucifer.diablo.net
> >
> > 4. make the file /etc/exports.  here's mine.  i simply mount /home on the
> >    remote machine.
> >
> >       /home 192.168.0.4(rw)
> >
> > 5. /etc/init.d/nfs start
> > 6. run rpc.mountd, rpc.nfsd and rpc.lockd on the server.  (this was teh step
> >    i was missig that caused the rpc: connection refused" message.
> > 7. on the client,
> >
> >      lucifer# mount satan:/home /home
> >
> > 8. wait a bit
> >
> > and suddenly, i now have my home directory shared between my 2 computers.
> > very cool.  my bookmarks, my files; everything is available to me on both
> > computers.  no more wondering if i left a particular file on this machine or
> > that machine...
> >
> > i'm behind a pretty strong firewall, so running nfs on my home network
> > doesn't pose much of a threat.  although if i'm wrong, someone please speak
> > up!  :)
> >
> > if anyone has any tips on optimizing nfs or making it more secure, i'm all
> > ears too.
> >
> > pete
> >
> > --
> > "You may not use the Software in connection with any site that disparages
> > Microsoft, MSN, MSNBC, Expedia, or their products or services ..."
> >                     -- Clause from license for FrontPage 2002

--
======================================================================
Aaron King, Ph.D.                        http://two.ucdavis.edu/~aking
Dept. of Environmental Science & Policy       mailto:aking@ucdavis.edu
University of California                             Tel: 530/752 3026
One Shields Avenue, Davis CA 95616 USA               Fax: 530/752 3350
======================================================================




LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.