| 1 |
On Mon, Jan 18, 2016 at 10:33 PM, <wabenbau@×××××.com> wrote: |
| 2 |
> |
| 3 |
> Sharing files can be done via SCP/SFTP. If a VPN connection is used, |
| 4 |
> then even NFS or FTP are possibilities. |
| 5 |
|
| 6 |
I have 100 computers. I want a user on those 100 computers to be able |
| 7 |
to share a file on their computer with just me. On windows they just |
| 8 |
right-click and pick sharing, search for my name on the domain, and |
| 9 |
grant me permissions. You're not going to get an experience anything |
| 10 |
like that with scp or nfs or ftp. Heck, nfs is almost completely |
| 11 |
insecure in the way most people use it. |
| 12 |
|
| 13 |
I don't just want to copy a file from point A to point B. I want to |
| 14 |
have a robust set of permissions and security and so on behind that. |
| 15 |
If a user changes their password, that password gets them access to |
| 16 |
everything they used to have access to, and none of those random |
| 17 |
clients ever see the password. |
| 18 |
|
| 19 |
Sure, you can do it on linux with lots of NFSv4 and kerberos and all |
| 20 |
that. But it is painful to set up and almost nobody actually seems to |
| 21 |
do it as a result. You can also do something like Bitlocker on linux, |
| 22 |
but there isn't a single distro that supports it out of the box |
| 23 |
because it uses a lot of features nobody has bothered to seriously |
| 24 |
develop. (Before somebody points out LUKS, be aware that Bitlocker |
| 25 |
lets you do full-disk encyption that is secure without having to |
| 26 |
actually type a decryption key at any point. Remove the hard drive or |
| 27 |
boot from a CD, and the disks are unreadable - you can only read them |
| 28 |
if you boot off them on the original PC.) |
| 29 |
|
| 30 |
It is just a bit frustrating to behold. But, I'm getting what I'm |
| 31 |
paying for, so... :) |
| 32 |
|
| 33 |
-- |
| 34 |
Rich |
Archives