Something else to consider ... My comment about the possibility of NFS was as much a question as a solution because I never done so myself, but NFS is pretty easy to administer.
However, a known (kick-butt) solution but difficult to administer is AFS (Andrew's File System). It is a Kerberos encrypted, caching file system supporting multiple redundant servers if required. Uses known & stable ports (UDP 7001-7009) and caches a local copy of all data in a special hash filesystem. Updates at the server end broadcast invalidation 'tokens' to the client caches so subsequent reads will go back to the home server and update the cache. Killer performance, redundancy and security but a pain to setup. Look for it at the IBM Transarc Lab. http://www.transarc.ibm.com/Product/EFS/Brochure/index.html dbc. On Fri, 1 Feb 2002, Nicolas Riendeau wrote: > Lonnie Cumberland wrote: > > Hello All, > > > > while looking around on the net I came across this NFS via SSH that > > you might be interested in taking a look at. > > > > http://www.math.ualberta.ca/imaging/snfs/ > > > > Cheers, > > Lonnie > > > > > >>Would NFS tunneled through SSH be acceptable? > >> > >>dbc. > >> > > Hi Lonnie! > > It does appear (at least at first sight) to be a very good solution (at least > security-wise) to the problem... > > I'm no ipchains guru but if I go the rules & the general idea right they are actually > running ipchains on the server on which NFS runs so that they effectively shield > these ports from the outside world so in essence even from PCs on the same network > NFS wouldn't appear to run on that PC and the (entire?) NFS traffic would be tunneled > through a single ssh connection (and somebody who would eavesdrop on the traffic > wouldn't actually be able to tell that this is/was NFS traffic unless (s)he actually > decrypts the thing). > > Nice... > > Just MHO... > > Have a nice day! > > Nick > > PS: Please keep us posted... BTW, if you do decide to go that way please let us know >whether > the thing really work/is really as good as it seems to be on paper (ok, actually on >the > screen (-; ). > > > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > -- David B. Cook, <[EMAIL PROTECTED]> Linux -- up 23 days because it can. 12:56pm up 23 days, 12:52, 0 users, load average: 0.00, 0.00, 0.00 _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
