Linux/File Server
From charlesreid1
Contents
basics of file servers
three most common methods of sharing files on file servers:
- network file system
- samba
- ssh filesystem (sshfs)
nfs works best for linux environments, but windows doesn't play nicely with nfs
samba works for linux mac os and is best for mixed environment, but has permissions issues, and make unix/linux nodes needing specific permissions confused
sshfs is mostly for sharing files between linux nodes. possible to use with windows. encrypted the same way ssh is encrypted. nothing to configure on the server except ssh. easy to create/drop connections.
nfs
if you use NFS, you will want to use the latest, version 4. it moved to tcp only (no udp), and is stateful (old version are stateless). this means file locking is part of NFS itself, and not outsourced to another utility. This makes file locking more efficient (but still imperfect).
If you need to connect to a node running an older protocol, edit the /etc/exports file and list exports. that is, declare the directories on the disk that you are making available (sharing) via NFS.
configuring nfs server
on debian based systems like ubuntu and kali:
$ apt-get install nfs-kernel-server
WARNING WARNING WARNING this will start NFS services immediately upon install.
Disable NFS service:
$ service nfs-kernel-server stop
Disable the NFS startup script:
$ update-rc.d -f nfs-kernel-server remove
to re-enable it:
$ update-rc.d nfs-kernel-server defaults
warning: this will add nfs to the startup sequence. don't forget that you have added this, and then go visit a hostile environment and share all of your files accidentally.
now you will make a folder containing the files that you want to share over NFS. the recommended method is to create a dedicated directory in root for folders that will be shared via NFS.
$ mkdir /exports $ cd /exports $ mkdir docs/ $ mkdir images/
create /etc/exports file
Now you will create your list of shared directories in /etc/exports. Start by saving any existing exports file:
$ mv /etc/exports /etc/exports.default
Next, edit your export file. One line contains a directory and some options about how it is accessed and by whom.
/exports/docs 10.5.5.0/24(ro,no_subtree_check) /exports/images 10.5.5.0/24(rw,no_subtree_check)
This sets the directory we are sharing, the network address we are sharing it to, and some options in parentheses. man exports has more info on the options.
We are sharing these files with any computers on the network 10.5.5.0/24 - which means that anyone outside of that network cannot mount any of these folders.
Alternative notation:
10.5.5.0/24 10.5.5.0/255.255.255.0
The first is known as CIDR notation (classless inter-domain routing).
ro = read only, rw = read adn write
If you need to make the network shares available to multiple networks:
/exports/docs 10.5.5.0/24(ro,no_subtree_check), 192.168.1.0/24(ro,no_subtree_check)
Now it is accessible to computers on two networks.
sharing files with specific computers
If you don't want to share your files with an entire network, you can be more specific - giving a single node or a list of nodes. Editing the /etc/exports file, you can do this:
/exports/docs 10.5.5.151/24(ro,no_subtree_check)
This shares files with the specific device at ip address 10.5.5.151.
With version 4, NFS can treat a directory as its export root, and create the NFS pseudo-filesystem. This is done by setting fsid=0 or fsid=root for the directory, which is done in the C<doe>/etc/exports file.
/exports *(ro,fsid=0) /exports/docs 10.5.5.0/24(ro,no_subtree_check) /exports/images 10.5.5.0/24(rw,no_subtree_check)
mounting NFS
Once an NFS export is available to a local machine, it can be mounted by a user.
Here, the remote machine running the NFS server is located at 10.5.5.5.
If the server is created without the *(ro,fsid=0) option set, they must know the full path to the share on the remote machine, and mount it by executing the following command.
$ mount 10.5.5.5:/exports/images /mnt/images
If the *(ro,fsid=0) option is set, the user does not need to know the full path, and can mount the directory that is on the remote machine at /exports/images by just using the images/ path.
$ mount 10.5.5.5:/images /mnt/images
editing idmapd.conf
Now edit the /etc/idmapd.conf file to set some options:
uncomment this line
# Domain = local.domain
Now start the nfs daemons:
$ service nfs-kernel-server start
the network shares should be shared and good to go.
If you edit /etc/exports, you can restart the NFS daemon and it will share any new stuff that you've added.
Alternatively, you can activate new exports wtihout restarting NFS (and potentially interrupting connections) by running the command:
$ exportfs -a
Mounting Filesystems
Mounting NFS
To mount an NFS share being shared by a server at 10.5.5.5, you would run:
$ # if the NFS root is not set: $ mount -t nfs 10.5.5.5:/exports/docs /mnt/docs $ # if the NFS root is set: $ mount -t nfs 10.5.5.5:/docs /mnt/docs
to unmount:
$ umount /mnt/docs
Mounting Samba
mount // 10.5.5.5/documents -o username=dummy /mnt/samba/documents
We can also set options, like specifying the filesystem using the -f flag. For example, if we wanted to specify CIFS for the filesystem type:
mount -t cifs // 10.5.5.5/documents -o username=dummy /mnt/samba/documents
Related
Other related pages:
Linux/Automount Network Shares
 |
Networking pages and notes about computer networks.
Man in the Middle attack vectors on wired networks: Man in the Middle/Wired Packet analysis with Wireshark: Packet Analysis Linux networking: Linux/Networking
Using Aircrack: Aircrack Many Ways to Crack a Wifi: Cracking Wifi
Linux/Networking · Linux/SSH · Linux/File Server
Notes on OpenVPN: OpenVPN Setting Up a Static Key VPN: OpenVPN/Static Key
Domain Name Servers: DNS · Linux/DNS IP Version 6: IPv6
Wireshark · SSH · Stunnel · Tor · Ettercap · Aircrack · Tcpdump
Tunnels · HTTP and HTTPS · SSH Tunnels · Linux/SSH
|
|
GNU/Linux/Unix the concrete that makes the foundations of the internet.
Compiling Software · Upgrading Software Category:Build Tools · Make · Cmake · Gdb Bash Bash · Bash/Quick (Quick Reference) · Bash Math Text Editors Text Manipulation Command Line Utilities Aptitude · Diff · Make · Patch · Subversion · Xargs Security SSH (Secure Shell) · Gpg (Gnu Privacy Guard) · Category:Security Networking Linux/SSH · Linux/Networking · Linux/File Server Web Servers
|
|
linux networking all the pages for linux networking
Diagnosing network interfaces: Linux/Network Interfaces Connecting to nodes with ssh: Linux/SSH Bridging networks with ssh tunnels: Linux/SSH Linux file server nfs/smb/sshfs: Linux/File Server Samba on linux: Linux/Samba Automounting network shares on linux: Linux/Automount Network Shares Monitoring system resources: Linux/System Monitoring Linux systemd: Linux/Systemd
IP Schema (ipcalc): Linux/IP Schema DHCP Server: Linux/DHCP DNS Server: Linux/DNS NTP Server: Linux/NTP
|