LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 12-06-2009, 09:55 AM   #1
mr_aliagha
LQ Newbie
 
Registered: Dec 2008
Posts: 25

Rep: Reputation: 0
using same NFS and SSH permission


Hi everybody.
I am using ssh for connecting remotely to server in our enterprise network, i want to give permission to nfs for some specific computers(some console) in our enterprise LAN, the problem is i want to users login to these computers as their ssh account and have same permission as ssh account on nfs. for example, assume user "ali" has a read/write permission on /home/ali and just read permission on other folders in /home . i want to user connect as "ali" on console computers and have same permission as ssh over nfs (except root user)
how can i do that?!
 
Old 12-06-2009, 10:04 AM   #2
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,094
Blog Entries: 2

Rep: Reputation: 111Reputation: 111
instead of nfs you could look at some kind of automated sshfs, don't know if anyone has made automounter stuff for it, but sshfs would give you the permissions you want and keep other local people from accessing sshfs mounted stuff.
 
Old 12-06-2009, 11:15 AM   #3
mr_aliagha
LQ Newbie
 
Registered: Dec 2008
Posts: 25

Original Poster
Rep: Reputation: 0
interesting idea, but actually there is no need for use secure channel in these computer since they are physically secured and also users want to copy and paste huge files to/from server on these computers (files with size of more than 2-3 gigabyte) so using ssh for them is overhead...
 
Old 12-07-2009, 08:13 AM   #4
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,094
Blog Entries: 2

Rep: Reputation: 111Reputation: 111
It really isn't much overhead, I use it all the time with multigigabyte files and it saturates my 100mb ethernet during transfer.

If you are having them log into a remote computer that has nfs mounts, then all you'd need to do is have the uid/gid of the account they are sshing in as match what they are allowed to access on the nfs server.

So user ali on the nfs server has a uid of 1001, just make sure the account ali ssh's into on that computer that can nfs has a uid of 1001

nfs does all its user security based on uid/gid.
 
Old 12-07-2009, 04:10 PM   #5
mr_aliagha
LQ Newbie
 
Registered: Dec 2008
Posts: 25

Original Poster
Rep: Reputation: 0
Is there any automatic way for matching uid or gid?!! or it should be checked manually?!!
 
Old 12-07-2009, 04:50 PM   #6
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,094
Blog Entries: 2

Rep: Reputation: 111Reputation: 111
All depends on how you create your accounts, you could make an automated way, and if your using something like ldap or nis then it should match already, if you are using local accounts then I'd manual check just to verify
 
Old 12-08-2009, 10:31 AM   #7
mr_aliagha
LQ Newbie
 
Registered: Dec 2008
Posts: 25

Original Poster
Rep: Reputation: 0
Ahan, Thanks a lot, it seems that sshfs is easier solution , anyway i will try sshfs and if i find it slow i'll return to nfs + ssh
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Securing NFS - Tunneling NFS over SSH LXer Syndicated Linux News 0 09-27-2006 02:03 PM
NIS+NFS or SSH+NFS threelions66 Linux - Networking 1 09-07-2006 01:44 AM
NFS Write Permission louisb Linux - Enterprise 2 02-20-2006 07:16 AM
nfs permission issues. rtaft Linux - Networking 2 02-19-2004 02:20 PM
NFS - Permission Denied... 15788 Linux - Networking 9 04-06-2003 09:43 AM


All times are GMT -5. The time now is 04:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration