Re: Advice for setting up a file server
Stefan Goessling wrote:
Hello List!
I would very much appreciate any advice concerning the set-up of a Debian
based file server. I have some experience in Debian desktops and laptops,
but none so far with servers. My list of questions is long, I know, but
any answer would help. Thank you!
Best regards, Stefan (debian @ goessling . de)
You don't say what kind of server you want: a print server? a web
server? a file server? an email server? an ftp server? an authentication
server? a database server? a streaming video server? etc etc etc
I'm guess from the "2GB" hint below that this is just a file space server.
Questions:
Which Debian version?
stable (woody, currently) - probably no need for the latest and greatest
packages like you'd likely want on a workstation
Which packages should I use?
depends on what type of server. You don't want the X Window System
packages (no KDE, no Gnome, no xserver-xfree86, blah blah blah). You
will want:
- samba
- samba-common
- smbclient
- smbfs
- ssh
- some sort of firewall software
- some sort of antivirus (for the Windows files stored on your server,
because they will be infected; they won't hurt your Linux side directly,
but cleaning the files will help your clients and will cut down on
virus-induced traffic)
- and then whatever server software you need (apache? exim? etc)
Which security measures to take?
Make sure you have security listed in your sources.list, and
update/upgrade often. Firewall. Tripwire or equivalent. Enforce good
passwords. Physical security of the box. Backups!! Written (and
published) policies. Use ssh/sftp/scp, not telnet/ftp/rcp. Turn off
unneeded services (clean up /etc/inetd.conf, uninstall unneeded
packages, etc). Configure system to write logs to another machine. Break
your filesystem into multiple partitions, and mount "static" partitions,
such as / and /usr, as read-only. Use sudo instead of handing out the
root password to your co-admins.
Which backup procedure is recommended?
Whatever works. Perhaps raid or mirroring on the local machine; a cron
tar job to another machine every night, backup the second machine every
day to tape and move the tape off-location (so a local catastrophe
doesn't destroy both your primary data and your backup). Or any other of
a thousand different possibilities. Basically, whatever allows you to
restore whatever you need restored, no matter what comes along. (You
probably won't need to backup the "system"; just the user data and
system config files.
Any experiences/success stories in this field?
Are there pre-packaged distros (Debian based)?
Here are the requirements/conditions:
* Server must serve Windows clients (e.g. via samba) *and* Linux clients
* Access also via secure channels (scp, sftp) from outside the local net
* 10+ users (2-6 concurrent) with around 2 GB file space each
* Server runs 24h in an unprotected network (i.e. our university does not
have any firewall or port blocking)
* System will probably have 2 HDs (80 GB)
* Second (rather old) machine available for backup service
Reply to: