[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Upgrading with a low data cap

On Monday 15 October 2018 05:09:05 David wrote:

> On Sun, 14 Oct 2018 at 23:01, Richard Owlett <rowlett@cloud85.net> 
> > I have no desire nor need for a traditional LAN.
As a somewhat senior to Richard, one thing I've learned in a loooong 
carrear in electronics is that life is a lot simpler if you use the 
tools and parts designed to do the job at hand. So I don't understand 
the reticence to setup a local network on Richards part.  Its the tool 
to do the job and nothing else works as easy or fast.

> Wanting to transfer or share data between machines, while
> simultaneously declaring the above, appears inconsistent.
> I don't know what a "traditional LAN" is, so I wonder what you mean by
> those words, and what happened to create your attitude that you wish
> to avoid whatever it is.
> Networking was invented to optimise the requirement of transferring or
> sharing data
> between machines. Today, TCPIP is is simple to configure, in both
> software and hardware. The hardware is inexpensive. The configuration
> scales easily: connecting one PC to one other PC is pretty much the
> same as connecting one PC to the entire internet.

And the best of both worlds is had buy investing in a good router, useing 
to to Native Address Translation between the dhcp supplied address your 
ISP gives the router when it connects to the modem, to an address range 
that is not forwarded to the internet except by explicit instructions in 
the routers setup, assuming its been reflashed with dd-wrt. Thats the 
best kept secret to a secure system extant. So all my stuff, 6 or 7 
machines, have local addresses in the 192.168.xx.nn range, including 
this one.

That router faces an 8 port switch which by circuitous (house 
architecture) means connects to the rest of the machines alongside this 
one. By that means all machines have equal and transparent access to the 
internet to keep them updated.

I use ssh to log into all of them to operate them by remote control, and 
for file shuffling, they are all mounted to this machine and machine to 
machine with sshfs. I found both samba/cifs and nfs just troublesome 
enough I don't enable them if installed.  Don't need them.

With dd-wrt, I don't run firewalls, or if an installer sets one up and it 
gets in the way, it gets turned off, as dd-wrt handles all that in the 
router. In nearly 20 years, only one person has come thru that router 
and gained access to this machine, and I gave him the login's and pw's 
because I needed his help with a networking problem 15 years ago.

> I write this because I feel it's likely that that people's interest in
> assisting you
> here will wane if you appear to reject well-known, simple, widely used
> even by simpletons, best-practice for obscure reasons.
This is also true, Richard. The interconnection experts here, you will 
find all use the right tool for the job (for his/her definition of 
right, there are about as many of those as freckles on a red headed 
lady's face) ;-)

> In the Debian installer you simply choose to use DHCP (if you have a
> ISP router modem that provides it) or specify some simple static
> network address values. The installer does the rest. Or you can do it
> yourself later, it's simple.

And very insecure. The NAT and firewall in the router is the best 
security you can put in a single common point between you and the black 
hats. You don't need the hassle of local to local firewalls, only 
between you and the black hats in the far east.

> On Mon, 8 Oct 2018 at 00:33, Richard Owlett <rowlett@cloud85.net> 
> > Is it possible to use the cached data on another machine?

Yes, I've done it via sshfs.
> When doing a new Debian install, the very first thing I do in the
> installer's expert mode is to configure it to use my local package
> cache on the machine next to it, and connect an ethernet cable between
> them. Bingo.
> > What should I be reading?
> man 5 interfaces, if you wish, or just answer the questions in the
> installer. And once you get that working ...
> 1) For package caching:
> approx or apt-cacher or apt-cacher-ng
> 2) For transferring data:
> rsync
> scp

Both of which work, but I generally use the sshfs mount for that since 
all the file manager tools like mc Just Work.

Dr. N. Klepp can guide you to passwordless access means using keyfiles 
that are much harder to hack than passwords.

> 3) To use the terminal on one machine to control another:
> ssh

Yes, read the man page.  It has many options.

> Debian is a modern miracle that I am grateful for every day. And there
> is a vast amount of expertise accessible on this mailing list.
> Typically the advice and assistance given here is an excellent guide
> to good practice, robust systems, and building useful, rewarding
> skills.


And if I can manage it at 84 yo, Richards 3 score and ten should NOT be a 
barrier. USB was never intended for peer to peer connections, TCPIP 
(ethernet) was. Use the tool designed for the job. Security is all in 
the setup.

Cheers, Gene Heskett
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>

Reply to: