From owner-freebsd-questions@FreeBSD.ORG Mon Apr 12 07:38:19 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A6BE116A4CE for ; Mon, 12 Apr 2004 07:38:19 -0700 (PDT) Received: from atwns1.omniresources.com (atwns1.omniresource.com [69.48.112.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id DAFB943D5D for ; Mon, 12 Apr 2004 07:38:18 -0700 (PDT) (envelope-from dpoland@omniresources.com) Received: from 5x2822.omniresources.com (5x2822.omniresources.com [192.168.254.149])i3CEc5lG055065; Mon, 12 Apr 2004 09:38:05 -0500 (CDT) (envelope-from dpoland@atwdev.omniresources.com) Received: from 5x2822.omniresources.com (localhost [127.0.0.1]) i3CEbh0p030258; Mon, 12 Apr 2004 09:37:43 -0500 (CDT) (envelope-from dpoland@5x2822.omniresources.com) Received: (from dpoland@localhost)i3CEbhj4030257; Mon, 12 Apr 2004 09:37:43 -0500 (CDT) (envelope-from dpoland) Date: Mon, 12 Apr 2004 09:37:43 -0500 From: Doug Poland To: Bart Silverstrim Message-ID: <20040412143717.GA29571@omniresources.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i cc: FreeBSD Questions Subject: Re: OS X and FreeBSD: What could be a good setup X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Apr 2004 14:38:19 -0000 On Thu, Apr 08, 2004 at 08:04:35AM -0400, Bart Silverstrim wrote: > > > >>You see I'm in a state of confusion.. > > > >You're simply using a FreeBSD as a file server. You serve up > >files to the client via NFS (OS X) or CIFS (Windows). FreeBSD doesn't > >care. Now if you want FreeBSD to understand and manipulate those > >files is a different issue. > > > > See, this is part of where I was getting a little munged up in trying > to figure out how I want to aim for renetworking my home... > You're talking about three different issues here, Authentication, file serving protocols, and wireless security. > I'm looking at using FreeBSD on a server (web, mail, file server) with > OS X, Windows, and probably Linux clients. I'd like the FreeBSD server > to handle authentication, but that may be a pipe dream to accomplish > across platforms easily :-/ > Not sure where to point you for this but some type of LDAP scheme seems a logical choice. > For the file serving I was looking at NFS (especially using the NFS > server with Services for Unix under Windows), but the common > cross-platform version may too insecure to use comfortably, especially > with wireless (most of my wireless connections are wrapped in ssh if > they're important anyway). > > That would leave SMB/CIFS, meaning SAMBA, but I haven't found anyone > able to tell me if CIFS is secure "over the wire". I seem to recall a > utility that would sniff network packets and if NFS is used, it can > capture the files as they're travelling over the network; can this > happen with CIFS? > > I would really rather NOT use mixed protocols to share; NFS for > Linux/OS X, CIFS for Windows...then I'd have increased overhead to > managing permissions, etc... > Correct me if I'm wrong, but your choice of protocols is a different issue from wireless security. Here's a couple of good articles on wireless and FreeBSD... http://www.samag.com/documents/s=7121/sam0205a/sam0205a.htm http://www.onlamp.com/pub/a/bsd/2001/04/05/Big_Scary_Daemons.html > Advice? > I've never setup a wireless network, but I have connected PCs and Macs to FreeBSD fileservers. My suggestion would be to tackle your project is discrete steps. 1. If possible, using a wired network, setup your authentication scheme. 2. Configure your clients and server for file sharing. 3. Setup and configure for wireless network operation. HTH -- Regards, Doug