David B. Cook wrote: > Would NFS tunneled through SSH be acceptable? > > dbc. >
It seems to me like this could be a very interesting solution the only thing bugging me with this is the "dynamically assigned" nature of some of the ports apparently used by NFS... I haven't played with this (ie tunneling with SSH (at least, not yet)) but doesn't this require per-port redirection? If so, let's say that a protocol has a possibility of using close to 50 ports wouldn't you have to tunnel them more or less separatly (or would you only crypt port 111 and 2049???)... Wouldn't it be a lot better in this case to use a VPN (for which a package is available for Dachstein I believe...)? Is this only to exchange files once in a while if so you could probably transfer them using SCP... (since this actually uses ssh this would actually take care of encryption & authentication better than what could be done with NFS). Even when pcs are connected to the same switch/hubs NFS seems to have more than its share of problems (it's reliability when used with MTAs comes to mind...) so I'm far from convinced (security issues aside) that this is a good way to exchange files over the Net... But, nonetheless, SSH does appear to be an interesting solution... If it does work as I believe it does you could actually remap the NFS ports (the ones which don't change, 111 & 2049) to other ports & actually encrypt the data at the same time... Would I actually use it? Yeah, possibly, if I had no better option... But this is all just MHO & the standard disclaimers apply here... Have a nice day! Nick _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
