[geeks] Secure network filesystem questions
Micah R Ledbetter
vlack-lists at vlack.com
Tue Feb 27 22:55:48 CST 2007
On Feb 27, 2007, at 14:28, Francois Dion wrote:
> On 2/22/07, Micah R Ledbetter <vlack-lists at vlack.com> wrote:
>> I currently have a Solaris Express machine (Sun Blade 100) sharing
>> 500GB of storage via NFS.
>
> Slow box, but ok.
Hey, it's what I got :).
And, it's pretty snappy now that I finally put in 1GB of RAM. It
makes a *huge* difference over the 128MB that was in there before...
it's like night and day. And I'm the only user, for right now.
> http://blogs.sun.com/Maddy/?cat=SunCluster&date=20061117
> That's with kerberos, although with v4 it is not the only solution.
I thought that NFSv4 looked cool (can't actually remember what I read
that made me think so), but IIRC support under OS X is pretty spotty.
At least, that's why I hadn't initially considered it. I'll put it on
my list of things to check again.
> Might look into NFS over ZFS too:
> http://blogs.sun.com/roch/entry/nfs_and_zfs_a_fine
>
> zfs share (filesystem name) is basically all you have to do.
That's actually what I'm using now. It's not encryption, though.
> Re-reading over your email, do you want both authentication and
> encryption of all content?
Yes, encryption of all content is what I want. I run backups to the
thing, and I access those files sometimes; I'm not trying to encrypt
access to 500GB of warez or anything :P.
The most promising option right now seems to be OpenAFS, since it
doesn't require that I run directory services or anything. I'm going
to take a closer look ASAP.
- Micah
More information about the geeks
mailing list