[plug] Distributed files systems (AFS)

[Bennett, Phillip]

If he's got a static IP, then port forward from it to the server (If it
allows logons) for RDP from home, or even just use VNC to his work
machine (He can't be in two places t once!)

This would surely overcome the security risks, as well as the whole
'being open to the world' part, as it's only going to work from his
static IP.

If he doesn't have one, then he should get one. :)

My 2c,
Phil.


-----Original Message-----
From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On
Behalf Of Rennie
Sent: Thursday, 8 September 2005 9:38 AM
To: plug at plug.org.au
Subject: [plug] Distributed files systems (AFS)


Hi All,

I'm fishing around for info regarding distributed/network files systems.

I've briefly looked at AFS and it seems to be very capable and the sort
of thing we're after, but I concerned it is beyond our company's
knowledge/resources - 4 not-particularly-network-savvy  geeks, 1.5 of
them with a small amount Linux know-how.

Our basic problem is the boss - the least network savvy of us all -
would like to have access to the files on our server from his home.

At the office there is a Debian gateway (DHCP & NAT), behind it is an XP
SMB file server and half a dozen XP clients. At the bosses home
something similar but instead of the Debian gateway some sort of ADSL
modem/switch/DHCP/NATish thing - we'll assume messy.

The way I see it the options so far are:

1) VPN. Seems possible but I suspect it would be easily broken by boss's
fiddling and the thought of his network being joined directly to this
worries me.

2) SMB. Seems likely to be a big security risk. I've no real info on
this, just an assumption.

3) Remote Desktop. See 2 ??

4) Other proprietary app': The boss found 'BeInSync' and thought that
was good because he double-clicked on setup.exe on the XP server and on
his home PC and how can see/access work files from home (it creates
synchronised copies of the files at both locations). I can see his point
about easy of use but this is not a scalable and flexible setup, not to
mention anything about security.

5) AFS. Seems to be very cool tech'. I like the idea of the clients
having a local cache of the most often used files which is synchronised
with the servers which are synchronised with each-other (redundancy &
backup).

Looking through the docs and info it seems to be quite and process to
set up - maybe I'm mistaken. The audience seems most often to be assumed
to be a uber-unix-geek network admin at a large uni or corporation (not
me or my co-workers), maybe these are 99% of those using AFS.

Stuff about domains, realms, Kerberos, kdc, pam-krb5, kadmin, kpropd,
krb5kdc, tockens, tickets make my eyes glaze over. My basic problem is
that I don't know how much of this stuff I need to know, how to set it
up if I do, how much work it will be or whether the whole thing won't
work because of reason X and I'm wasting my time.. etc etc... I need a
book "AFS for people with very small and simple networks and no idea",
or the insight of somebody with first hand experience.

I do think this AFS is a great idea and would love to know how to make
it all go but I'm very time limited and unfortunately must prioritise my
head time.

Any feed back on the above point will be most welcome.

Thanks in advance. _______________________________________________
PLUG discussion list: plug at plug.org.au
http://www.plug.org.au/mailman/listinfo/plug
Committee e-mail: committee at plug.linux.org.au