Author: dq

Network File System (NFS)

http://www.google.com/#sclient=psy-ab&hl=en&source=hp&q=ubuntu%20nfs%20share%20server&pbx=1&oq=ubuntu%20NFS%20share%20server&aq=0v&aqi=g-v1g-b2&aql=&gs_sm=11&gs_upl=6740l8393l0l12683l4l4l0l0l0l1l546l1746l3-1.2.1l4l0&bav=on.2,or.r_gc.r_pw.,cf.osb&fp=3214e37cdfe9fa8f&biw=1280&bih=854&pf=p&pdl=300

https://help.ubuntu.com/11.04/serverguide/C/network-file-system.html

http://www.youtube.com/watch?v=NR9Ts8GV5Bo&feature=related

http://www.youtube.com/watch?v=iJqVT0KsoZs&feature=relmfu

NFS allows a system to share directories and files with others over a network. By using NFS, users and programs can access files on remote systems almost as if they were local files.

Some of the most notable benefits that NFS can provide are:

  • Local workstations use less disk space because commonly used data can be stored on a single machine and still remain accessible to others over the network.

  • There is no need for users to have separate home directories on every network machine. Home directories could be set up on the NFS server and made available throughout the network.

  • Storage devices such as floppy disks, CDROM drives, and USB Thumb drives can be used by other machines on the network. This may reduce the number of removable media drives throughout the network.

Installation

At a terminal prompt enter the following command to install the NFS Server:

sudo apt-get install nfs-kernel-server

Configuration

You can configure the directories to be exported by adding them to the /etc/exports file. For example:

/ubuntu  *(ro,sync,no_root_squash)/home    *(rw,sync,no_root_squash)

You can replace * with one of the hostname formats. Make the hostname declaration as specific as possible so unwanted systems cannot access the NFS mount.

To start the NFS server, you can run the following command at a terminal prompt:

sudo /etc/init.d/nfs-kernel-server start

NFS Client Configuration

Use the mount command to mount a shared NFS directory from another machine, by typing a command line similar to the following at a terminal prompt:

sudo mount example.hostname.com:/ubuntu /local/ubuntu

The mount point directory /local/ubuntu must exist. There should be no files or subdirectories in the /local/ubuntu directory.

http://ubuntuhandbook.org/index.php/2014/08/map-network-drive-onto-ubuntu-14-04/

An alternate way to mount an NFS share from another machine is to add a line to the /etc/fstab file. The line must state the hostname of the NFS server, the directory on the server being exported, and the directory on the local machine where the NFS share is to be mounted.

The general syntax for the line in /etc/fstab file is as follows:

example.hostname.com:/ubuntu /local/ubuntu nfs rsize=8192,wsize=8192,timeo=14,intr

If you have trouble mounting an NFS share, make sure the nfs-common package is installed on your client. To install nfs-common enter the following command at the terminal prompt:

sudo apt-get install nfs-common

References

Linux NFS faq

Ubuntu Wiki NFS Howto

SSH remote copy

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch17_:_Secure_Remote_Logins_and_File_Copying

Using SSH and SCP without a password

From time to time you may want to write scripts that will allow you to copy files to a server, or login, without being prompted for passwords. This can make them simpler to write and also prevents you from having to embed the password in your code.

SCP has a feature that allows you to do this. You no longer have to worry about prying eyes seeing your passwords nor worrying about your script breaking when someone changes the password. You can configure SSH to do this by generating and installing data transfer encryption keys that are tied to the IP addresses of the two servers. The servers then use these pre-installed keys to authenticate one another for each file transfer. As you may expect, this feature doesn't work well with computers with IP addresses that periodically change, such as those obtained via DHCP.

There are some security risks though. The feature is automatically applied to SSH as well. Someone could use your account to log in to the target server by entering the username alone. It is therefore best to implement this using unprivileged accounts on both the source and target servers.

The example that follows enables this feature in one direction (from server bigboy to server smallfry) and only uses the unprivileged account called filecopy.

Configuration: Client Side

Here are the steps you need to do on the computer that acts as the SSH client:

1) Generate your SSH encryption key pair for the filecopy account. Press the Enter key each time you are prompted for a password to be associated with the keys. (Do not enter a password.) 

[filecopy@bigboy filecopy]# ssh-keygen -t dsaGenerating public/private dsa key pair.Enter file in which to save the key(/filecopy/.ssh/id_dsa):Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in/filecopy/.ssh/id_dsa.Your public key has been saved in/filecopy/.ssh/id_dsa.pub.The key fingerprint is:1e:73:59:96:25:93:3f:8b:50:39:81:9e:e3:4a:a8:aafilecopy@bigboy[filecopy@bigboy filecopy]#

2) These keyfiles are stored in the.ssh subdirectory of your home directory. View the contents of that directory. The file named id_dsa is your private key, and id_dsa.pub is the public key that you will be sharing with your target server. Versions other than RedHat/Fedora may use different filenames, use the SSH man pages to verify this. 

[filecopy@bigboy filecopy]# cd ~/.ssh[filecopy@bigboy filecopy]# lsid_dsa  id_dsa.pub  known_hosts[filecopy@bigboy .ssh]#

3) Copy only the public key to the home directory of the account to which you will be sending the file. 

[filecopy@bigboy .ssh]# scp id_dsa.pub filecopy@smallfry:public-key.tmp

Now, on to the server side of the operation.

Configuration – Server Side

Here are the steps you need to do on the computer that will act as the SSH server.

1) Log into smallfry as user filecopy. Create an .ssh subdirectory in your home directory and then go to it with cd. 

[filecopy@smallfry filecopy]# lspublic-key.tmp[filecopy@smallfry filecopy]# mkdir .ssh[filecopy@smallfry filecopy]# chmod 700 .ssh[filecopy@smallfry filecopy]# cd .ssh

2) Append the public-key.tmp file to the end of the authorized_keys file using the >> append redirector with the cat command. The authorized_keys file contains a listing of all the public keys from machines that are allowed to connect to your Smallfry account without a password. Versions other than RedHat/Fedora may use different filenames, use the SSH man pages to verify this. 

[filecopy@smallfry .ssh]# cat ~/public-key.tmp >> authorized_keys[filecopy@smallfry .ssh]# rm ~/public-key.tmp

From now on you can use ssh and scp as user filecopy from server bigboy to smallfry without being prompted for a password.

Conclusion

Most Linux security books strongly recommend using SSH and SCP over TELNET and FTP because of their encryption capabilities. Despite this, there is still a place for FTP in the world thanks to its convenience in providing simple global access to files and TELNET, which is much easier to implement in price-sensitive network appliances than SSH. Consider all options when choosing your file transfer and remote login programs and select improved security whenever possible as the long term benefits eventually outweigh the additional cost over time.

HTTPD.CONF virtual directory

# To see the listing of a directory, the Options directive for the
# directory must include "Indexes", and the directory must not contain
# a file matching those listed in the DirectoryIndex directive.
#

#
# IndexOptions: Controls the appearance of server-generated directory
# listings.
#
#IndexOptions FancyIndexing HTMLTable VersionSort

# We include the /icons/ alias for FancyIndexed directory listings. If
# you do not use FancyIndexing, you may comment this out.
#
Alias /icons/ "/usr/share/apache2/icons/"

<Directory "/usr/share/apache2/icons">
# Options Indexes MultiViews
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>

Missing Plug-in for Ubuntu.


$ sudo /usr/sbin/alternatives –install /usr/lib/mozilla/plugins/libjavaplugin.so libjavaplugin.so /usr/java/default/lib/i386/libnpjp2.so 20000
$ sudo apt-get update;
$ sudo apt-get install ubuntu-restricted-extras

Tag Cloud