On Wednesday 18 July 2007, Edd Barrett wrote: > Hello again, > > On 17/07/07, J.C. Roberts <[EMAIL PROTECTED]> wrote: > > It is possible. How to configure the mount port is in the man page > > for mount_nfs(8). > > Yes there are 2 ports needed as far as i can see: > 1) nfsd port > 2) mountd port > > I'm unsure which the man page is describing.
I think you're a bit confused. Neither nfsd nor mountd will let you configure to a specific port. Their man pages state as much. In contrast, mount_nfs(8) is the man page which states you have port control from the client side. To get the general concept of NFSv3 over SSH, read the May 9th entry of the previously posted link: http://www.noahk.com/~sparrow/journal/index?user=noahk Some of the things he's doing seem questionable... There are differences between his setup (FreeBSD/Liux) and OpenBSD, so if you try to run his commands verbatim (as a "how to") they will fail. You'll only understand the differences if you read the relevant OpenBSD man pages: man 8 mount_nfs man 8 mountd (see the "STRONGLY discouraged" note on the -n option) man 8 nfsd man 5 exports man 8 portmap man 8 rpcinfo man 8 sshd man 1 ssh Take a look at the last few sentences of the SSH-BASED VIRTUAL PRIVATE NETWORKS section of the ssh(1) man page... Tunneling the stock NFSv3 over SSH will most likely face similar performance/overhead issues. NFS over SSH can be done, but most would consider it wonky for personal mad hackery, and no one in their right mind would never expect *END*USERS* to ever get it right. It might be fun to tinker with and it may even be useful for you on a personal basis but never forget the fact that you're pushing rope. Current best practice for this sort of thing in production would be an ipsec vpn (usually with centralized authentication like kerberos or similar). Eventually kerberos/NFSv4 will become a viable solution for *just* secure network file systems and should be a usable comparatively lightweight alternative to a full vpn (or wonky ssh/nfs rope pushing exercises). kind regards, jcr
