[BBLISA] sshfs

Sun Apr 19 10:54:04 EDT 2009

This all reminds me that I need to solve a much simpler problem at my work:  I need to provide NFS access to some Windows clients.  Right now, the files are accessed by having Totalnet installed on the Unix box, but no one wants to administer that anymore.  If there was something the users could install on their desktops (like maybe 10 of them) we could get Totalnet out of the mix.  

I know, the "right" solution is NetApp, and we've tried to convince this small user group of that.  We have a NetApp (or 8 actually) this user group thinks the Unix performance to the NetApp isn't good enough.  They want local (or SAN) storage on the Unix box with very high performance, and then PC access later, with much lower performance concern.  

Tom mentions NFS clients for Windows.  What should I look at?

 - Tony Rudié 

-----Original Message-----
From: bblisa-bounces at bblisa.org [mailto:bblisa-bounces at bblisa.org] On Behalf Of Tom Metro
Sent: Sunday, April 19, 2009 1:50 AM
To: L-bblisa
Subject: Re: [BBLISA] sshfs

Alex Aminoff wrote:
> My thought would be sshfs.
> http://fuse.sourceforge.net/sshfs.html

That was my thought as well. I'm just waiting for a workable sshfs 
driver to become available for Windows and then I'll gladly get rid of 
Samba. (I run into way too many authentication headaches with Samba, 
which are always a pain to debug, and I've come to the conclusion that 
it's never going to get better, due to the crufty nature of the protocol 
(only made worse by NMB for name resolution) and the piles of code there 
to provide backwards compatibility.)

Last time I looked I couldn't find an ssshfs for Windows, but I just ran 
across:
Dokan : user-mode file system library for Windows
http://dokan-dev.net/en/about/

for which there is apparently an sshfs driver:
http://soi.kd6.us/2009/03/20/so-i-found-a-windows-sshfs/

I haven't benchmarked sshfs (been using it fro Linux), but I'm assuming 
the performance of sshfs is going to be lousy compared to NFS.

Ideally I'd like to see a hybrid option for cases where you want strong 
authentication and access controls, but don't need to keep the data 
private over the wire. It could build on the existing ssh and public key 
infrastructure for authentication, and then use stateless UDP packets, 
probably with an attached HMAC for authenticity, for the data transport.

Perhaps NFSv4 is close enough to this. (Is it any more of a pain to set 
up Kerberos than ssh and PKI? Perhaps.)

The big drawback to any of these options is that they all require new 
clients, which aren't readily available on all platforms. It's hard 
enough finding a decent NFS client on Windows, never mind one that also 
supports v4. (Though of course there is existing wide support for ssh 
file access via FTP-like clients and scp, so technically the clients 
exist, but with a different UI.)

  -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/

_______________________________________________
bblisa mailing list
bblisa at bblisa.org
http://www.bblisa.org/mailman/listinfo/bblisa