[Klug-general] General advice for NFS4 authentication on SOHO

David Halliday david.halliday at gmail.com
Mon Jun 15 09:17:17 UTC 2015 

Hi,

I haven't got anything specific, nor have I done more than SSH into local
boxes or use whatever sharing has come with my Ubuntu (or xUbuntu)
distributions recently. But I have in the past so I will put some notes
here and you are more than welcome to look at them from an academic point
of view or for some prompting for ideas of things to try.

My notes are *very* old. From before 2010! That being said, chunks of Linux
OS and the surrounding architecture haven't changed much in the past 10+
years. So, there might be something helpful (or a nudge in the right
direction) in them:

   - http://david-halliday.co.uk/?Linux:AD_Authentication
   - http://david-halliday.co.uk/?Linux:Distribute_settings_etc
   - http://david-halliday.co.uk/?Linux:Samba_file_shares_to_ADS_users


This was in a work environment (but should translate easily to home) where
I had network drives which I wanted to have accessible to windows machines
and Linux, so this was using Samba. I was working in education, and one of
the more interesting things I wanted to be able to do, was give the
students the opportunity to experience working with a remote web-server
(develop html locally, FTP it to a server, see their page on a remote
web-server).

I'm also going to include something which is more related to working (this
is a real S or the SME world solution, but should be able to scale with
some grace) which I put together in 2011. It's a little more accademic but
I figured I't include it as a footnote to the conversation:
http://david-halliday.co.uk/wiki/doku.php?id=linux:system:client_file_server


On 14 June 2015 at 13:06, jwmartnet . <jwm.art.net at gmail.com> wrote:

> Hmmm well have got NFS4 + Kerberos working to some extent now. That
> has given me enough of a headache to decide that is enough for now.
>
> Just trying to work out how to supply RO access to some and RW to others.
> James.
>
> On 14 June 2015 at 01:05, jwmartnet . <jwm.art.net at gmail.com> wrote:
> > With regards to authentication for access to NFS shares, what would
> > you recommend for a small home network, consisting of linux desktop,
> > linux laptop, linux nas, and, well, linux rpi, along with other
> > machines outside of my control I want to prevent access by?
> >
> > I kind of like the idea of LDAP+Kerberos but don't like the look of
> > the setup. Was wondering if there were other benefits which might make
> > the setup worth it here?
> >
> > Did see a webpage somewhere detailing NFS4 share with only Kerberos,
> > what's the obvious problem with that?
> >
> > Thanks.
> > James.
>
> _______________________________________________
> Kent mailing list
> Kent at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/kent
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/kent/attachments/20150615/00c7bf28/attachment.html>

More information about the Kent mailing list