On Sunday 23 December 2007 14:09:44 primm wrote:
NFS is kind of ugly itself, don't you think?
Ugly? Naah! It's soooo neat. With nis and nfs anyone can login anywhere and get their own files and start work right after they've got a coffee. It just works. Just like NT server before someone downloded a virus.
Well, I guess if someone else is configuring and maintaining it, sure, it's wonderful.
I setup an nfs server to export /home to 5 other clients. The same server handles nis logins. No eggageration, it took me 1/2 hour most of which was reading man exports until I discovered that Yast had read it for me already! I'll bet that some gurus on this list could do it in 5.
Just curious, but what are my alternatives for nfs? Love from L
nfs is good, it mostly just works. But v3 has drawbacks in security, so if you're not in total control of the network, it might not be so good
nfsv4 + kerberos can provide real authentication and encryption though, so you still don't have to abandon nfs
4 years ago it cost me two days work and a 300 Euro installation cost from an engineer who also sold me the licences for my workstations. That was w2000.
It was plagued by viruses and most of my hardware wan't recognised so I had to fork out for new machines too. 5000 Euros later.
I'm now reading that Linux nfs which I installed by yast all by myself is also a security risk.
It is a security risk in that it's not encrypted. Another problem is that the nfs server in versions 3 and below fully trusts the client about user IDs. It won't put viruses on your machines, but it does mean that if you don't control the root account on all machines, anyone can read any file, or write to any share. In version 4, if you use kerberos authentication, it doesn't do that. And with kerberos you can also get encrypted nfs
But for gads sake, it's been up for 6 months with my staff reading e-mails and chatting to and from their latest boyfriends all through the lunch break. I use SuSEfirewall2. Setup by Yast.
What a mess. I can't afford to go back to commercial products at the moment. Other people have told me that I have no alternatives. . . What the ???? is nfsv4 + kerberos? Yes, I know I can google it. I just have. But tomorrow morining I'll be back at work and I've a date this evening.
It's at times like these I wish I'd stayed with my Microsoft rep.
Don't be silly
Do I change my network back to Windows 2000? I'm not a hobbyist. Can anyone advise me in plain English o Español? Please, if you do not run a network then please do not write.
So long as you trust all machines on the LAN, you don't have a problem. Basically, it's the same as switching from telnet to ssh. telnet is fine as long as you trust all machines on the network Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org