I have two computeres both with Fedora Core 4. I have installed NFS and have doine the configurations and all that but am having trouble with the firewall. I found several pages on that and am working on that but everywhere I read about security issues and NFS. Is NFS really that insecure? If so, what can I use to share my files between two *nix boxes then? My file server does not have X loaded. I kept it as trim as possible. Can I run Smaba without X? Also, anyone tried YamiPod? Is it a food program?
Blimey, where do we start. Lets see now...
Yes, it is.
If you're both the same side of your internet firewall, NFS is fine, if not try using ssh.
Yes you can.
I've not even heard of YamiPod!
Food program? I dont understand.
Right, thats the questions out of the way, here's my synopsis of the problem you're facing.
If you have two Linux boxes sharing an internet connection but both the same side of the main firewall/router (this is a common network configuration), then leaving one on and being the nfs server is generally a good idea. To accompany nfs, you probably want to use nis, because that will allow password and user/group id sync between the machines.
There are security issues in doing this, nis passes encrypted password info across the lan, and nfs can end up passing raw disk info across the same medium, but if you're behind a firewall, you shouldn't have any problems. Nfs allows you to limit who you want to connect and mount the exported filesystems at the server.
Additionally, you may find you need to tweak your firewall settings on the nfs server to allow connections to the exported filesystem.
My network and NFS
Thanks for the reply. Here is my network..
DSL Modem with 4 port switch, only one item plugged into it, the DSL/Cable Router, it has a firewall, it is disabled.
DSL/Cable Router...WAN side to the DSL Modem...4 ports to my to my computers...has a firewall, it is enabled.
Server, No X default firewall...using lokkit to configure.
My computer...X Desktop...has firestarter on and enabled.
I might enable the firewall on the DSL Modem not sure yet. I would like to load Firestarter on the server.
Wifes computer, X windows with Firestarter also.
Son's Computer, Windows XP with Norton IS.
I also have a 4 port hub setting around if needed.
Ok...now that that is out of the way.
I want NFS because I want to switch everyone to Linux. I also was thinking of doing Samba that way the shares would be there for them in Windows. Mostly, this is so I got one harddrive to back up instead of 3. And to make my home admin life easier. I am using DHCP on the LAn side. Can this cause issues for NFS? If so I can go to static no worries. Also, computer names or hostnames don't seem to be working right. I set the server up as file_server during install and everywhere it is represented that way so it's cool. But for the other computers, I changed their hostnames. Like mine is edward.haddock.family but it doesn't show up that way for some odd reason. How do I setup that naming scheme? Any advice or website you may have would be helpful. Also, can I set it up to have all the Linux machines have their home directory on the server so it's like roaming profiles? As for YamiPod, it is a program to work with iPods...I was wondering if it was a good program and if anyone has used it. My hope is that eventiually I will have a decent, secure home network with the ability to share files, mostly mp3s, and backup and distribute software and updates. One thing I have not even investigated deeply is using Yum on the server to update all the computers. I would like to do that centrally as well. Tall order I know. LOL Thanks for the help.
Try turning ON the firewall of the DSL modem and turn off all firewalling on the Linux server.
You can set the DHCP server to always provide the same IP address to hosts by their network card MAC address - that way you get the benefits of dhcp (central admin) with the benefits of static (clearer logging and easier management of your dns server). It's a little more work to set up, but once done no work to maintain.
You can set the hostnames to whatever you want - personally I'd recommend you set up a dns server in house too, and use a domain that doesn't match the real live tld's on the internet, so haddock.family is fine as your in-house tld; it gives you <machine>.haddock.family for each machine. You also get to add new ones as your network expands.
If you're still having problems with NFS after turning off your server firewall, then post up the /etc/exports from the server and the matching line from the client's /etc/fstab and I'll take a look at them.
Dont forget also that using nis really helps because the user/group id's and passwords for all your users is shared network wide, just like the /home directories.