[lug] Silly Question
Michael J. Hammel
mjhammel at graphics-muse.org
Thu Oct 4 11:01:51 MDT 2001
Thus spoke Holshouser, David
> /--\__/--\ _______ _______ /----win
> / /---|cable|---|linux|---hub+-----mac Brother's Network
> \ sNFS* | |modem| | box | \----win
> | across|
> /Internet\ __________ _______ /----lin
> / /---| Sprint |---|linux|---hub+-----lin My Network
> \---\__/-- |Wireless| | box | |...
> |-----lin
>
> * sNFS alludes to my hopes of a secure NFS.
>
> So I want to mount his box to my local /home (as well as say, /mp3) so that
> we can be VPN'd in a way. Is VPN a solution? How secure? How difficult?
While I can see why you'd want to do this, I wouldn't recommend it. If the
server goes down, the client would never know it and can potentially be
locked waiting for the server to respond. The client side user could be
out of commission for quite a while. And the reason for the server to go
away may not be server related - it might be routing problems on the
Internet. It's just out of your control. UDP based protocols are like
that - they are hard to manage in a "cloud" network topology.
That said, you could do this using, as someone else suggested, nfs tunneled
over ssh. I haven't tried this, but I'm pretty sure it should work. It
won't solve the problem of the client locking when the server disappears,
but it should help secure data transmissions from being sniffed.
Alternatively, I'd just make the server accessible via remote ssh logins
and allow file transfers via scp. It requires extra work on the users end,
but is less susceptible to security issues and network problems.
Just my $0.0102468, after adjusting for the recession.
--
Michael J. Hammel The Graphics Muse
mjhammel at graphics-muse.org http://www.graphics-muse.com
------------------------------------------------------------------------------
Got a full 6-pack, but lacks the plastic thing to hold it all together.
-- From a real employee performance evaluation.
More information about the LUG
mailing list