Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 04-27-2010, 07:53 AM   #1
Registered: Oct 2006
Location: Porsgrunn, Norway
Distribution: CentOS 5 / 6 / 7
Posts: 102

Rep: Reputation: 16
NFS Shares over Internet

Hi All

We have a auto backup system that rsyncs all our vital data to a backup server over our network. The final step in this is to get the backup server to rsync with one of our remote sites for the off site backup.

We have lately been visited by the boys from .ru and .ro due to good passwords we have managed to keep the visitor out of the network, we also changed out ssh port away from the default for better security.

We would like the backup system to be totally automatic, when I was reading up on the bruteforce attacks I read recommendations that we should have ssh that need passwords to be manually inserted for extra security.

How secure is sharing NFS folders over the internet. we would configure only one host to have access to the share is this enough for us or should we think deeper here.

Advice and ideas would be very welcomed.
Old 04-27-2010, 08:33 AM   #2
Registered: Jun 2005
Location: England
Distribution: Ubuntu, SLES, AIX
Posts: 268

Rep: Reputation: 47

Personally, I would never make an NFS share available over the Internet.

You're opening up your server to any insecurities in the NFS protocol and, as NFS is not encrypted, whenever you accessed a file it would be transmitted in plain text through the cloud.

If you already have SSH set-up and secured why not use 'rsync' over SSH?

Hope this helps.
Old 04-27-2010, 08:34 AM   #3
Senior Member
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,694

Rep: Reputation: 566Reputation: 566Reputation: 566Reputation: 566Reputation: 566Reputation: 566
NFS (v3) isn't encrypted, so completely wrong. v4 seems to support encryption, so try asking Google how to do it, and make sure both ends support NFS v4, etc.
Old 04-28-2010, 09:05 PM   #4
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,623

Rep: Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149Reputation: 2149
I'd go with rsync over ssh or sshfs
Old 05-03-2010, 07:23 AM   #5
Registered: Oct 2006
Location: Porsgrunn, Norway
Distribution: CentOS 5 / 6 / 7
Posts: 102

Original Poster
Rep: Reputation: 16
Thanks for the input guys. I will maybe get back when/if I need help with passwordless ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to automount nfs shares Savita Eli Red Hat 6 08-04-2009 04:17 PM
automount NFS shares Savita Eli Linux - Networking 1 07-24-2009 01:58 PM
automount NFS shares Savita Eli Red Hat 1 07-24-2009 01:57 PM
NFS shares sachinh Linux - Server 3 06-19-2008 03:42 AM
NFS shares not working windsurfer Linux - Software 6 04-10-2007 04:58 AM

All times are GMT -5. The time now is 02:26 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration