Re: Help needed with server setup at work
On Mon, 23 Apr 2007 11:26:42 -0400
Greg Folkert <firstname.lastname@example.org> wrote:
> On Mon, 2007-04-23 at 05:24 +0200, Rico Secada wrote:
> > Hi.
> > At work we have a bunch of NFS servers. The servers provide the home
> > directories for all the employees client machines.
> > Most of the employees mount their home dirs manually, but some are
> > mounted using scripts. Employee John knows he belongs to NFS server 1,
> > and emplyoee Britney knows she belongs to NFS server 3 and so on.
> > Now due to new conditions I have to set up a new system from which ALL
> > employees are able to mount their home directories from their homes
> > (where they live). Since I only have one IP address at my disposal, I
> > need to set up some kind of union system in which all home directories
> > apear as they live on just one server. Besides that I have to figure
> > out what kind of security I need to use. I have been thinking about
> > AFS, and also NFS tunneled via OpenSSH.
> > About the union thing I first thought of somehow union mouting all the
> > different home directories on a single machine which then serves as
> > the access point, but I am affraid if that particular machine crashes,
> > then no one can get to their files.
> > Good ideas and experiences are greatly appreciated!
> Lookup sshfs (or shfs as it is commonly know) it is completely at the
> whim of the user. They use an existing well known, well vetted daemon
> (openssh-server) and in a local environment (meaning no slow links) with
> 100Mbit/sec, I get nearly line speed transfer rates (100Mbit/sec ==
> Though you will need to beef up end user knowledge about strong
> passwords and key-auth only authentication, it'll more than makeup for
> the traveling or remote user.
> I can say that sshfs is probably the singe best thing I've seen come
> along in a long time. Mainly because, if you already have established
> good SSH practices, there is really no additional server-side setup you
> need to use.
Thank you very much for your reply Greg. This is a very good solution but it does provide one obstacle since users do not have SSH access to the servers. If I where to use this solutuion I somehow need to jail the users to their home directories. As far as I know its not possible with SSH.
> greg, email@example.com
> The technology that is
> Stronger, better, faster: Linux
Best and kind regards