Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I am using ssh for connecting remotely to server in our enterprise network, i want to give permission to nfs for some specific computers(some console) in our enterprise LAN, the problem is i want to users login to these computers as their ssh account and have same permission as ssh account on nfs. for example, assume user "ali" has a read/write permission on /home/ali and just read permission on other folders in /home . i want to user connect as "ali" on console computers and have same permission as ssh over nfs (except root user)
how can i do that?!
instead of nfs you could look at some kind of automated sshfs, don't know if anyone has made automounter stuff for it, but sshfs would give you the permissions you want and keep other local people from accessing sshfs mounted stuff.
interesting idea, but actually there is no need for use secure channel in these computer since they are physically secured and also users want to copy and paste huge files to/from server on these computers (files with size of more than 2-3 gigabyte) so using ssh for them is overhead...
It really isn't much overhead, I use it all the time with multigigabyte files and it saturates my 100mb ethernet during transfer.
If you are having them log into a remote computer that has nfs mounts, then all you'd need to do is have the uid/gid of the account they are sshing in as match what they are allowed to access on the nfs server.
So user ali on the nfs server has a uid of 1001, just make sure the account ali ssh's into on that computer that can nfs has a uid of 1001
All depends on how you create your accounts, you could make an automated way, and if your using something like ldap or nis then it should match already, if you are using local accounts then I'd manual check just to verify