1 / 15

COP 4343 Unix System Administration

COP 4343 Unix System Administration. Unit 15: file server ftp nfs. File server. Remote access to files ftp put/get files from remote hosts nfs tight integration in Unix environment samba share access to/from Windows systems. File Transfer Protocol.

barbra
Download Presentation

COP 4343 Unix System Administration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. COP 4343Unix System Administration Unit 15: file server ftp nfs

  2. File server • Remote access to files • ftp • put/get files from remote hosts • nfs • tight integration in Unix environment • samba • share access to/from Windows systems

  3. File Transfer Protocol • designed for efficient distribution of a single file to multiple remote clients • design characteristics • operates in real-time • to be used by general public anonymously • userid: ftp • very effective for transferring large files • not designed as a “shared local disk”

  4. FTP clients • Command line: • ftp, lftp, sftp, ncftp • GUI-based: • gftp • web browsers via URL • ftp://mirror.cs.fiu.edu

  5. FTP server • vsftpd “Probably the most secure and fastest FTP server for UNIX-like systems” • vsftpd.beasts.org • to install on Fedora: • yum install vsftpd

  6. vsFTPd server • configuration: /etc/vsftpd/vsftpd.conf anonymous_enable=YES local_enable=YES write_enable=YES listen=YES tcp_wrappers=YES • check run level & start daemon: • chkconfig vsftpd on • service vsftpd start

  7. vsFTPd server security • open firewall to ports • 20: ftp data • 21: ftp control • enable ftp connection tracking • add module: ip_conntrack_ftp • to: /etc/sysconfig/iptables-config • list of non-allowed users: • /etc/vsftpd.ftpusers

  8. Network File Systems • NFS makes remote files part of the local directory structure • designed for permanent, long-term connections where remote file systems are used as part of the regular user environment • designed with a trusted network in mind • UNIX-centric and does not typically perform well with Windows servers

  9. NFS client • mount command: mount blitz:/disk/137/ege /mnt • mount point must exist • remote host must export directory

  10. NFS client, mount options • hard • if remote access fails, request will hang until server resumes • option: intr • allows hanging process to be killed • soft • if remote access, error will be reported

  11. NFS client, mount options • permission ro: read-only rw: read and write nosuid: disable setuid behavior • more options available for server

  12. NFS client • automatic mounting at system startup • /etc/fstab: blitz:/disk/137/ege /mnt/ege nfs rw,hard,intr 0 0

  13. NFS server • NFS uses RPC • similar to xinetd : uses RPC number • portmap listens for rpc requests, then maps them to TCP or UDP ports • NFS uses the rpc.mountd daemon to make new connections • check services in run level: • portmap • nfs

  14. NFS server: export • configuration: /etc/exports ex: /home blitz(rw) /home *.cs.fiu.edu(ro,root_squash) • options: • rw, ro • root_squash • all_squash • anonuid

  15. NFS server: firewall • problem: RPC mechanism uses random ports • solution: • open firewall to trusted machines rule option: -s 131.94.130.39/32

More Related