I'm interested in setting up multiple PC's in an office to network boot from one fileserver. To reduce maintenance I'd prefer if the clients don't have any storage of their own.

I see a huge security problem in using plain NFS for this task.
With NFS all a client needs to do is spoof it's IP and then it can read and modify the files of another client.
So this is unacceptable.

Is there some network bootable file protocol in linux that is more secure?

Another option I thought of, I can have ONE read-only root filesystem for ALL clients, and then they mount some other, secure filesystem where they each access their files. But then the question is what network filesystem protocol is secure and can be mounted remotely? SSHFS?

Ideally I don't want to encrypt the files on disk or in transit, because I don't want to increase hardware requirements.

Any ideas?

Take a look at nfs v4 with Kerberos for the secure filesystem per user.

The idea of having a single root filesystem for everyone is good. Live CDs have a compressed, read-only root with a ram-based read/write overlay filesystem. You can use that as the boot image.

1 members found this post helpful.