From owner-freebsd-questions  Fri Nov 14 11:08:20 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id LAA23760
          for questions-outgoing; Fri, 14 Nov 1997 11:08:20 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from conductor.synapse.net (conductor.synapse.net [199.84.54.18])
          by hub.freebsd.org (8.8.7/8.8.7) with SMTP id LAA23754
          for <questions@FreeBSD.ORG>; Fri, 14 Nov 1997 11:08:12 -0800 (PST)
          (envelope-from evanc@synapse.net)
Received: (qmail 20263 invoked from network); 14 Nov 1997 19:08:05 -0000
Received: from cello.synapse.net (199.84.54.81)
  by conductor.synapse.net with SMTP; 14 Nov 1997 19:08:05 -0000
Date: Fri, 14 Nov 1997 14:08:03 -0500 (EST)
From: Evan Champion <evanc@synapse.net>
To: "Randy A. Katz" <randyk@ccsales.com>
cc: questions@FreeBSD.ORG
Subject: Re: SECURING NFS
In-Reply-To: <3.0.5.32.19971114074026.00b79420@ccsales.com>
Message-ID: <Pine.BSF.3.96.971114140408.14309B-100000@cello.synapse.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Fri, 14 Nov 1997, Randy A. Katz wrote:

> Is there a way to secure NFS? I have a backup server which mounts the main
> server and takes a backup in the middle of the day. It must backup as root.
> Is this securable.

I don't think it is possible to use "secure" and "NFS" in the same
sentence :-)

Why don't you use Amanda to back up the disk remotely, using dump?  Should
be a whole lot faster than mounting via NFS, and that you can secure
relatively well.  It also doesn't need root access (use the user operator
group operator to do the backup).

Evan