Hello,
i would like to use SSHFS or NSF to transfer tar.gz backups from one of my server to another. Both servers hosting publicly accessible services. The transfer should be secure. SSHFS is secure, but NSF i found i might need to work with /etc/hosts.deny and hosts.allow
i want to ask what should i add in hosts.deny/allow so data transfers and access is secure?
someone mention like:
A)
to /etc/hosts.allow:
portmap: 192.168.0.1 , 192.168.0.2
lockd: 192.168.0.1 , 192.168.0.2
rquotad: 192.168.0.1 , 192.168.0.2
mountd: 192.168.0.1 , 192.168.0.2
statd: 192.168.0.1 , 192.168.0.2
source:
http://www.tldp.org/HOWTO/NFS-HOWTO/server.html
B)
Add the following line to /etc/hosts.deny:
rpcbind mountd nfsd statd lockd rquotad : ALL
add the following line to /etc/hosts.allow:
rpcbind mountd nfsd statd lockd rquotad : list of IP addresses
source:
https://help.ubuntu.com/community/SettingUpNFSHowTo
C)
add in /etc/hosts.deny:
portmap:ALL
and then in /etc/hosts.allow:
portmap: 192.168.1.1, 192.168.1.2, 192.168.1.3
source:
http://www.techrepublic.com/blog/lin...-nfs-on-linux/
-----
so i want to ask which is best if i have only one client and one server, both in different datacenter.
What else i need to consider for security, any link? thx
PS: i want to use probably rather NFS, because according to
this benchmark its faster than SSHFS.