You are not logged in.
What is the most secure way to share an encfs directory via NFS v4?
On the NFS server, the encfs directory is mounted with a timeout:
encfs --public -i 30 /home/.shared/ /home/shared/
I would prefer it be unavailable to NFS clients after a period of inactivity. Is this possible? How?
In /etc/fuse.conf I have uncommented "user_allow_other" and I am mounting with either the above (public option) or this option:
encfs -o allow_other -i 30 /home/.shared/ /home/shared/
However, the user account on the server that owns the directory will be the same user account that mounts it on the client. Therefore, is it possible to eliminate the allow_other option?
Here is what I'm doing to share this encfs directory:
fstab:
/home/shared /export/home/shared none bind 0 0
/etc/exports
/export/home/shared 192.168.1.1(fsid=2,rw,no_root_squash,sync,no_subtree_check,nohide)
Alternatively, should I share and mount the encrypted directory ( /home/.shared/ ) and then decrypt it on the client? (I have tried this without success yet. The directory is mounted without any error (using the -vvv option). But it is empty on the client.)
EDIT: even mounting the decrypted directory is failing now. I also get no errors but only an empty directory on the client.
Last edited by MountainX (2016-07-24 19:39:08)
Offline