On Mon, 23 Apr 2007 11:26:42 -0400 Greg Folkert <[EMAIL PROTECTED]> wrote:
> On Mon, 2007-04-23 at 05:24 +0200, Rico Secada wrote: > > Hi. > > > > At work we have a bunch of NFS servers. The servers provide the home > > directories for all the employees client machines. > > > > Most of the employees mount their home dirs manually, but some are > > mounted using scripts. Employee John knows he belongs to NFS server 1, > > and emplyoee Britney knows she belongs to NFS server 3 and so on. > > > > Now due to new conditions I have to set up a new system from which ALL > > employees are able to mount their home directories from their homes > > (where they live). Since I only have one IP address at my disposal, I > > need to set up some kind of union system in which all home directories > > apear as they live on just one server. Besides that I have to figure > > out what kind of security I need to use. I have been thinking about > > AFS, and also NFS tunneled via OpenSSH. > > > > About the union thing I first thought of somehow union mouting all the > > different home directories on a single machine which then serves as > > the access point, but I am affraid if that particular machine crashes, > > then no one can get to their files. > > > > Good ideas and experiences are greatly appreciated! > > Lookup sshfs (or shfs as it is commonly know) it is completely at the > whim of the user. They use an existing well known, well vetted daemon > (openssh-server) and in a local environment (meaning no slow links) with > 100Mbit/sec, I get nearly line speed transfer rates (100Mbit/sec == > 11MByte/sec). > > Though you will need to beef up end user knowledge about strong > passwords and key-auth only authentication, it'll more than makeup for > the traveling or remote user. > > I can say that sshfs is probably the singe best thing I've seen come > along in a long time. Mainly because, if you already have established > good SSH practices, there is really no additional server-side setup you > need to use. Thank you very much for your reply Greg. This is a very good solution but it does provide one obstacle since users do not have SSH access to the servers. If I where to use this solutuion I somehow need to jail the users to their home directories. As far as I know its not possible with SSH. > -- > greg, [EMAIL PROTECTED] > > The technology that is > Stronger, better, faster: Linux > -- Best and kind regards Rico Secada -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
