> hi, i am finding myself quickly running out of disks/disk space on
> various boxes here on my home network and thus have decided to setup one
> of my boxes as a nfs server, as i dont really like the security model
> for nfs, i wonder what else exists out there that has a better security
> model, id prefer it to be crypted, and must work across multiple nix
> platforms. Any suggestions would be helpful, thx
Well NFS works fine on "trusted" networks.... which is usually what one
has at home. I have used it for years... can't be beat for performance
and ease of setup. Add to that NIS to keep everything straight.
On anything less than a subnet that you have complete control over it is
not secure. NFS/NIS is not a "security nightmare"... it is just plain old
ordinary NOT secure. Anyone with a laptop and root privs can attach to
your NFS network and become any user but not the root user on the server.
In any case... it works fine for networks where one can control who has
root access to what.
AFS, and specifically, OpenAFS (http://www.openafs.org) is the way to go.
It is released under the IBM Public License. Not sure if that is an OSS
license or not.
AFS has clients for Mac OS X, Windows NT/2K/XP, Linux, and all other
flavors of currently shipping Unix that I am aware of. It is extremely
scalable. It was designed for very large networks. It also gives
performance very near local disk speeds due to extensive cacheing. It is
encrypted throughout. It does not trust the machine (as in NFS) it only
trusts the user once they have been authenticated. You can use LDAP or
Kerberos (and possibly others) authentication mechanisms.
Downside.... it is non-trivial to set up. After that, it is totally
trivial to administer.
Other alternatives are Intermezzo, ARL, Coda. Int. and Coda are still
very much in development. AFS is a mature product. Coda was a to be an
OSS implementation of AFS... but once IBM released the source code to AFS
I think it kinda took the wind out of the Coda developers sails.
In any case if you want easy and reliable AND can trust your network use
NFS/NIS. If you want secure use AFS.