I can recreate my system from backup in
Seconds Minutes Hours Days Weeks Never tested Never backed up ( 470 votes ~ 6 comments )
You are not currently logged in. If you do not have a user account then please consider creating one and logging in before you post your comment. This will allow you to track replies to your comment, and take part in the site much more freely.
To add your comment, fill in all the boxes below and then preview it to make sure you're happy with the way that it looks.
This is the comment you were replying to, attached to the weblog A complete Linux Network
#2 Re: A complete Linux Network Posted by dkg (216.254.xx.xx) on Thu 5 Apr 2007 at 03:17 I've rolled out a krb5/openLDAP/NFSv3-over-IPSEC implementation for a moderate-sized group. I used debian sarge servers (with backports) on the server side, and Ubuntu LTS (6.06) on the client side. There were hiccups along the way, of course, but the system seems to function pretty well. If i got to do it again right now, i'd try to use NFSv4 and ditch the IPSEC business. Host-to-host encryption never did sit right with me anyway, because the real encryption layers you want are user-to-service (and vice versa). But alas, NFSv4 was even more in its infancy at the start of that project. Things move fast these days.
There were hiccups along the way, of course, but the system seems to function pretty well. If i got to do it again right now, i'd try to use NFSv4 and ditch the IPSEC business. Host-to-host encryption never did sit right with me anyway, because the real encryption layers you want are user-to-service (and vice versa). But alas, NFSv4 was even more in its infancy at the start of that project. Things move fast these days.
Posting Format:
Inappropriate comments will be removed.
Some help on entry formatting is available
Username:
Password:
[ Advanced Login ]
Register Account
