[plug] Distributed files systems (AFS)

W.Kenworthy billk at iinet.net.au
Thu Sep 8 10:01:13 WST 2005


A webdav server pointing to your fileserver ??

I am having some "issues" with the latest version of davfs2 (for linux),
but when it works its very cool.  Can be accessed via ssl (https) and
access control is adequate for average access.  I mostly use it from
linux (mount it as a remote file system), but doze can do the same.

>From a security viewpoint it seems good (far better than trying to
secure a public smb for instance), but my apache logs do show an
occasional scan for doze files on what looks like a common doze server
configuration

BillK



On Thu, 2005-09-08 at 09:38 +0800, Rennie wrote:
> Hi All,
> 
> I'm fishing around for info regarding distributed/network files systems.
> 
> I've briefly looked at AFS and it seems to be very capable and the
> sort of thing we're after, but I concerned it is beyond our company's
> knowledge/resources - 4 not-particularly-network-savvy  geeks, 1.5 of
> them with a small amount Linux know-how.
> 
> Our basic problem is the boss - the least network savvy of us all -
> would like to have access to the files on our server from his home.
> 
> At the office there is a Debian gateway (DHCP & NAT), behind it is an
> XP SMB file server and half a dozen XP clients. At the bosses home
> something similar but instead of the Debian gateway some sort of ADSL
> modem/switch/DHCP/NATish thing - we'll assume messy.
> 
> The way I see it the options so far are:
> 
> 1) VPN. Seems possible but I suspect it would be easily broken by
> boss's fiddling and the thought of his network being joined directly
> to this worries me.
> 
> 2) SMB. Seems likely to be a big security risk. I've no real info on
> this, just an assumption.
> 
> 3) Remote Desktop. See 2 ??
> 
> 4) Other proprietary app': The boss found 'BeInSync' and thought that
> was good because he double-clicked on setup.exe on the XP server and
> on his home PC and how can see/access work files from home (it creates
> synchronised copies of the files at both locations). I can see his
> point about easy of use but this is not a scalable and flexible setup,
> not to mention anything about security.
> 
> 5) AFS. Seems to be very cool tech'. I like the idea of the clients
> having a local cache of the most often used files which is
> synchronised with the servers which are synchronised with each-other
> (redundancy & backup).
> 
> Looking through the docs and info it seems to be quite and process to
> set up - maybe I'm mistaken. The audience seems most often to be
> assumed to be a uber-unix-geek network admin at a large uni or
> corporation (not me or my co-workers), maybe these are 99% of those
> using AFS.
> 
> Stuff about domains, realms, Kerberos, kdc, pam-krb5, kadmin, kpropd,
> krb5kdc, tockens, tickets make my eyes glaze over. My basic problem is
> that I don't know how much of this stuff I need to know, how to set it
> up if I do, how much work it will be or whether the whole thing won't
> work because of reason X and I'm wasting my time.. etc etc... I need a
> book "AFS for people with very small and simple networks and no idea",
> or the insight of somebody with first hand experience.
> 
> I do think this AFS is a great idea and would love to know how to make
> it all go but I'm very time limited and unfortunately must prioritise
> my head time.
> 
> Any feed back on the above point will be most welcome.
> 
> Thanks in advance.
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au



More information about the plug mailing list