5121
Comment:
|
5224
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
<<TableOfContents(4)>> | <<TableOfContents()>> |
Line 4: | Line 4: |
An alternative to the explicit transfer of files from one machine to another is to attach the remote filesystem to the local machine such that all programs can access it as if it was just another local partition. There are several solutions to this problem, the classical examples are NFS and AFS. At the ETH we are using both of them extensively. Unfortunately NFS has security issues which prevent it from being used in an open environment, and AFS requires special (complex) software on the client side and fundamental changes in the setup of servers. We therefore currently recommend '''Samba''' for remote filesystem attachment. Samba is a free implementation of the Microsoft File Sharing Protocol (SMB). We are running it on all our Unix servers. This enables Windows computers to access files on the Unix machines as if they were on a normal Windows server. Linux is also able to access Samba and mount it just like any other file system. SMB does not encrypt the data it transfers (unlike SSH) but it uses a special method for password authentication which protects the privacy of the password. | An alternative to the explicit transfer of files from one machine to another is to attach the remote filesystem to the local machine such that all programs can access it as if it was just another local partition. There are several solutions to this problem, the classical examples is NFS. Unfortunately NFS has security issues which prevent it from being used in an open environment. We therefore currently recommend '''Samba''' for remote filesystem access. Samba is a free implementation of the Microsoft File Sharing Protocol (SMB/CIFS). We are running it on all our Unix servers. This enables Windows computers to access files on the Unix machines as if they were on a normal Windows server. Linux is also able to access Samba and mount it just like any other file system. SMB does not encrypt the data it transfers (unlike SSH) but it uses a special method for password authentication which protects the privacy of the password. |
Line 6: | Line 6: |
== The Samba Password == Samba (SMB) uses a fundamentally different way to handle passwords than Unix. This has the advantage that passwords do not cross the net unencrypted, but it has the big disadvantage that we have to maintain a separate password database for Samba. We have setup our system so that the Samba password gets changed at the same time as the unix password. If your samba password does not work, please contact support@ee.ethz.ch . |
== Three methods accessing Samba shares from Linux with Gnome (all machines at ETH) == |
Line 9: | Line 8: |
First, note, that all the information below assumes that you have Windows NT, 2000 or XP installed. With this out of the way you just open the '''start''' menu, select '''Run ...''' and type: | === Mountpoint === In all cases, the share will be mounted in `/run/user/$UID/gvfs/smb-share:server=X,share=Y` so that you can also access it on the command line. === gvfs-mount === You can also connect to a Samba share on the command line. After you run that command, you can browse the share in Nautilus. |
Line 12: | Line 17: |
net use * \\homes.ee.ethz.ch\login * /user:login | mmuster@testclient:~> gvfs-mount smb://homes.ee.ethz.ch/smbtest Password required for share smbtest on homes.ee.ethz.ch User [mmuster]: d\mmuster Domain [WORKGROUP]: d Password: ******** |
Line 14: | Line 23: |
Replace ''login'' with your Tardis login name and press return. Now a pop-up will ask for your login name (again) and your (samba)password. Once you have entered them, an explorer will open which shows the content of your Tardis home directory. You can now use the same syntax to access the Tardis home directly from within applications. You can also create a shortcut on the desktop which points to this address to make access even simpler. Note that if you use the same user-name and (samba)password on Windows as you use on Tardis, then windows will not ask you again for your password when mounting the Tardis home. | To unmount a share on the command line, just add the {{{-u}}} flag: {{{ mmuster@testclient:~> gvfs-mount -u smb://homes.ee.ethz.ch/smbtest }}} === Nautilus Application === Select on the left side '''Connect to network''' and enter the name of the share in the '''Server Address''' field, e.g. as 'smb://homes.ee.ethz.ch/smbtest'. Enter the details as given in the screenshot below. {{attachment:gvfs-nautilus.png}} === 'Connect to Server' Application === Open the {{{Connect to Server}}} application and enter the details similar to the screenshot below. {{attachment:gvfs-connect-to-server.png}} |
Line 25: | Line 55: |
Username: D\yourNethzUsername | Username: d\yourNethzUsername |
Line 34: | Line 64: |
Username: username | Username: d\username |
Line 40: | Line 70: |
You can also mount your Samba home area with CIFS (cifs-utils containing {{{/sbin/mount.cifs}}} must be installed): | You can also mount your Samba home area with CIFS. This method is only available on computers where you have root access (i.e. this does not work on Linux workstations managed by us). '''If the command returns an error message saying "wrong fs type", make sure the package "cifs-utils" is installed.''' |
Line 45: | Line 75: |
# mount -t cifs -o user=<your_tardis_login>,name=homes.ee.ethz.ch \\\\homes.ee.ethz.ch\\<your_tardis_login> /tardis-home | # mount -t cifs -o user=<d\your_tardis_login>,name=homes.ee.ethz.ch \\\\homes.ee.ethz.ch\\<d\your_tardis_login> /tardis-home |
Line 51: | Line 81: |
$ sshfs <your_tardis_login>@login.ee.ethz.ch: ~/tardis-home | $ sshfs <d\your_tardis_login>@login.ee.ethz.ch: ~/tardis-home |
Line 63: | Line 93: |
You can access your home directory on Tardis by mounting {{{\\homes.ee.ethz.ch\username}}} as network drive on your Windows box (replace {{{username}}} with '''your''' Tardis username). Also specify your username in the box "Connect as". You will be asked to supply your Tardis password when mounting your home directory. | You can access your home directory by mounting {{{\\homes.ee.ethz.ch\username}}} as network drive in Windows. |
Line 65: | Line 95: |
Tardis uses [[http://www.samba.org/|Samba]] to export your home directory. Our Samba setup uses encrypted passwords which are kept in a separate user database that is ''NOT'' synchronized with your Unix password. The password can not be longer than 8 characters. If you cannot mount your Tardis directory, chances are that we must update your entry in the Samba database. Send eMail to support@ee.ethz.ch . You can change the samba password with {{{smbpasswd -r tardis}}}. | If you do this from outside ETH, you need to create a [[http://computing.ee.ethz.ch/Workstations/Network/VPN | VPN connection]] first. Click on the Computer shortcut and then click on the 'Map network drive' button from the upper toolbar. Select the drive letter you want to use for this mapping. The Address to your folder is \\homes.ee.ethz.ch\YOUR-USERNAME. Im this example its pmeier. Replace pmeier with your username. Set the Checkbox "Connect using different credentials" and if you want, set "Reconnect at logon". Click on finish. {{attachment:WindowsNetworkDrive1.png}} On the next screen, Enter d\YOUR-USERNAME and Enter your password. When done, click on OK. {{attachment:WindowsNetworkDrive2.png}} If the mapping process worked fine, the newly created drive will open and will become available. ---- [[CategoryEDUC]] |
The Transparent Remote File-System Access Method
An alternative to the explicit transfer of files from one machine to another is to attach the remote filesystem to the local machine such that all programs can access it as if it was just another local partition. There are several solutions to this problem, the classical examples is NFS. Unfortunately NFS has security issues which prevent it from being used in an open environment. We therefore currently recommend Samba for remote filesystem access. Samba is a free implementation of the Microsoft File Sharing Protocol (SMB/CIFS). We are running it on all our Unix servers. This enables Windows computers to access files on the Unix machines as if they were on a normal Windows server. Linux is also able to access Samba and mount it just like any other file system. SMB does not encrypt the data it transfers (unlike SSH) but it uses a special method for password authentication which protects the privacy of the password.
Three methods accessing Samba shares from Linux with Gnome (all machines at ETH)
Mountpoint
In all cases, the share will be mounted in /run/user/$UID/gvfs/smb-share:server=X,share=Y so that you can also access it on the command line.
gvfs-mount
You can also connect to a Samba share on the command line. After you run that command, you can browse the share in Nautilus.
mmuster@testclient:~> gvfs-mount smb://homes.ee.ethz.ch/smbtest Password required for share smbtest on homes.ee.ethz.ch User [mmuster]: d\mmuster Domain [WORKGROUP]: d Password: ********
To unmount a share on the command line, just add the -u flag:
mmuster@testclient:~> gvfs-mount -u smb://homes.ee.ethz.ch/smbtest
Nautilus Application
Select on the left side Connect to network and enter the name of the share in the Server Address field, e.g. as 'smb://homes.ee.ethz.ch/smbtest'.
Enter the details as given in the screenshot below.
'Connect to Server' Application
Open the Connect to Server application and enter the details similar to the screenshot below.
Accessing Samba shares from Linux with Konqueror (all machines at ETH)
Open your Konqueror Filemanager/Webbrowser.
As location, use smb://server/directory followed by <Enter>Type your username and password in the following dialog box.
For accessing your share provided from ID, use the following data:
Location: smb://nas-nethz-users.ethz.ch/share-u-$/username Username: d\yourNethzUsername Password: yourPrivatePassword Obs! The 'share-u-$' part of the location is dependant on the first character in your username. If your username is 'kpelle', this part of the location will change to 'share-k-$'
For accessing your D-ITET share, user the following:
Location: smb://homes.ee.ethz.ch/username Username: d\username Password: yourPrivatePassword
Using CIFS to connect to Samba shares
You can also mount your Samba home area with CIFS. This method is only available on computers where you have root access (i.e. this does not work on Linux workstations managed by us). If the command returns an error message saying "wrong fs type", make sure the package "cifs-utils" is installed.
$ sudo su # mkdir /tardis-home # mount -t cifs -o user=<d\your_tardis_login>,name=homes.ee.ethz.ch \\\\homes.ee.ethz.ch\\<d\your_tardis_login> /tardis-home
Recent Linux Kernels contain the userspace filesystem FUSE. This allows you to use all sorts of new an inovative ways for mounting remote fileystems ... for example you can mount a file system via an ssh connection without needing root privileges:
$ mkdir ~/tardis-home $ sshfs <d\your_tardis_login>@login.ee.ethz.ch: ~/tardis-home
But please note, that you can't do sshfs on homes.ee.ethz.ch - use login.ee.ethz.ch instead!
You can also unmount it again by typing:
$ fusermount -u ~/tardis-home
Please note that sshfs is not officially supported by the ISG.EE
Windows Network Drive
You can access your home directory by mounting \\homes.ee.ethz.ch\username as network drive in Windows.
If you do this from outside ETH, you need to create a VPN connection first.
Click on the Computer shortcut and then click on the 'Map network drive' button from the upper toolbar.
Select the drive letter you want to use for this mapping. The Address to your folder is \\homes.ee.ethz.ch\YOUR-USERNAME. Im this example its pmeier. Replace pmeier with your username. Set the Checkbox "Connect using different credentials" and if you want, set "Reconnect at logon". Click on finish.
On the next screen, Enter d\YOUR-USERNAME and Enter your password. When done, click on OK.
If the mapping process worked fine, the newly created drive will open and will become available.