Viacheslav Eremin | Link linux machines by NFS

(Notes) Notes (2016)

Link linux machines by NFS

To link machines by NFS firstly need to perform three commands in server:

   1:  sudo apt-get install nfs-kernel-server

   2:  sudo systemctl enable rpcbind nfs-server

   3:  sudo systemctl start rpcbind nfs-server

Than you can check opened port by nfs-service - Port 111 (TCP and UDP) and 2049 (TCP and UDP).

   4:  rpcinfo -p localhost

Than need to prepare file with description of shared path.

   5:  sudo nano /etc/exports

In this case I try to share this machine throught firewall to external world, but ant my attempt was been unsuccessfully. I have carefully prepare my windows machine, than install applet nfsmgmt.msc (admin tool for NFS client), than tune it by special applet.

   0:  Enable-WindowsOptionalFeature -FeatureName ServicesForNFS-ClientOnly, ClientForNFS-Infrastructure -Online -NoRestart

   0:  nfsmgmt.msc

But as a result I was see only root of my shared folder and various error in Windows client ans server.

Reason of this issue is multiple, but main reason is firewall.

But if we return to linux-linux connection without firewall this link will be working perfectly. We have some commands to reread exported shares.

   6:  sudo exportfs -rav

   7:  sudo service nfs-kernel-server restart

And command to check shares resources.

   8:  showmount -e localhost

As you can see, all working pefrectly.

This is example of mount command (in my case).

   9:  mount -t nfs 192.168.5.9:/home/coinadmin/.digiwage /root/coin/.digiwage

And this is full manual for NFS future (pay attention to options!)

Best problem of public NFS.

If you open NFS without firewall, you will receive an alert from Federal Office for Information Security (BSI).

Dear clien,

We have received a security alert from the German Federal Office for Information Security (BSI).
Please see the original report included below for details.

We are automatically forwarding this alert on to you, for your information.
You do not need to send us, or the BSI, a response.
However, we do ask that you check the alert and to resolve any potential issues.

Additional information is provided with the HOWTOs referenced in the report.
In case of further questions, please contact certbund@bsi.bund.de and keep the ticket number of the original report [CB-Report#...] in the subject line. Do not reply to  as this is just the sender address for the reports and messages sent to this address will not be read.

Kind regards
Abuse Team

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen / Germany
Tel: +49 9831 5050
Fax: +49 9831 5053
www.hetzner.com

Whar reason of this Alert? Look in this article Преступники используют сервис Portmapper для увеличения мощности DDoS-атак.

Comments (

)

Link to this page: //www.vb-net.com/nfs/Index.htm

< THANKS ME>