Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've just bought a NAS (Terastation Pro from Buffalo) and would like to write a backup-script in order to make automatic backups through a cronjob. but the NAS doesn't seem to work either with ssh nor with rsync. The only way I found is mount but I would like to know if there isn't any other solution (except for ftp). so far I read is NFS not so secure. I would like to use my NAS to backup a webserver, so the server is quite exposed. that's why I'm looking for something more secure than mount.
It may be that this unit doesn't actually support any secure protocols. The last time that I looked at NAS appliances most of them only seemed to support CIFS, FTP, and sometimes NFS v. 3 (what a choice!).
One compromise solution is to write a backup script that uses GnuPG to encrypt zip files containing your data before you send them across the network.
An important question involving security is where this is being done? I got the impression reading your initial post that this was something for home use. If that is the case, using a protocol like ftp or nfs is not such a big deal. Yes ssh or rsync can be much more secure, but if it is just on a LAN, there really is no issue in using it that way.
If you are doing it across the internet, then you need to do it like a business would. Mount the NAS device to another computer exclusively, and force all connections to go through the other computer through SSH. That's how we do it at work.
Mounting it really is a "good" solution, particularly if you do it through a USB or serial type of cable, and not over an networking cable like cat5-5e-6. That exposes it to everything on the LAN, which still is safe, depending on the size of the LAN.
An important question involving security is where this is being done? I got the impression reading your initial post that this was something for home use.
actually it's not for home but for work, so the security is a very important matter.
Quote:
Originally Posted by JimBass
If you are doing it across the internet, then you need to do it like a business would. Mount the NAS device to another computer exclusively, and force all connections to go through the other computer through SSH. That's how we do it at work.
I'm not sure if I understand what you mean with "through the other computer", which "other computer" do you mean? Do you mean: I take some computer that isn't been used right now, make a mount with this computer and the NAS, and all servers have to make a ssh to the computer? with a USB connection or through the LAN?
Quote:
Originally Posted by JimBass
Mounting it really is a "good" solution, particularly if you do it through a USB or serial type of cable, and not over an networking cable like cat5-5e-6. That exposes it to everything on the LAN, which still is safe, depending on the size of the LAN.
in the NAS's manual it only says something about LAN-cable, but nothing about direct USB or serial connection. the only thing I found is
Quote:
TeraStation Pro has two USB 2.0 ports on the rear. These ports can be used for adding external
USB Hard Drives or UPS systems. TeraStation will share connected USB storage devices, allowing
everyone on the network to use them. Up to two external USB hard drives may be added to
TeraStation Pro.
so it talks about adding HD but not about direct USB connection with a server for example. how come they don't say a word about it? how does the USB connection work? pluging a USB cable between the computer and the NAS, and then?
my situation is the following one: I have 3 webservers, 2 are in the same network, the other is in a different network. I do NOT have the possibility to install a firewall before all those conputers. In order not to expose the NAS too much I first decided to only use it for the 2 webservers that are located in the same network, so that I could leave blank the gateway's IP in the NAS's configuration. this way is the NAS only to be reached from the network where the 2 webservers are. But the mount is still a problem for the servers themselves, and the serrvers'iptables doesn't allow to mount. I would have to change the iptables's configuration, and I don't like the idea, especially since I read that NFS shouldn't be used in the wild www!
thanks for any further explanation and advice. this NAS solution should be something to improve the security and not something that exposes my webservers even more!
Mounting it really is a "good" solution, particularly if you do it through a USB or serial type of cable, and not over an networking cable like cat5-5e-6. That exposes it to everything on the LAN, which still is safe, depending on the size of the LAN.
So mounting through a USB-cable is definitly not possible in my case. I've even contacted Buffalo to be sure.
now I'm trying to mount it through the command line (in order to backup the datas with the same permissions, but I'm getting some difficulty.
with
Code:
sudo mount -t nfs 192.00.00.1:/myNAS my_local_directory
I get an error message
Quote:
mount: mount to NFS server 192.00.00.1 failed: system error connection refused
I get the error message even when iptables is down.
Any suggestion how I can make this?
I mount my coraid devices like I would mount anything else, check man mount for details if you're unsure about it.
This is the server section of LQ, odds are good the majority of users don't even have a GUI on their servers. I know for sure not one of my servers has X installed.
Do you know for sure that your SAN is sharing data via NFS? According to this page, the Terastation only shares through Samba and FTP. ->
I mount my coraid devices like I would mount anything else, check man mount for details if you're unsure about it.
This is the server section of LQ, odds are good the majority of users don't even have a GUI on their servers. I know for sure not one of my servers has X installed.
Do you know for sure that your SAN is sharing data via NFS? According to this page, the Terastation only shares through Samba and FTP. ->
Thank you JimBass! You seem to be absolutly right!
I have just tried with smbclient and it works. I will use smbmount in order to have a cronjob running.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.