[Freedombox-discuss] Minimal spec for NAS?

Sam Hartman hartmans at debian.org
Thu Jun 2 18:16:04 UTC 2011 

>>>>> "Tony" == Tony Godshall <togo at of.net> writes:

    Tony> On Wed, Jun 1, 2011 at 12:56 PM, James Vasile <james at hackervisions.org> wrote:
    >> On Wed, 1 Jun 2011 19:36:01 +0100, Lars Wirzenius <liw at liw.fi> wrote:
>> One of the things in the "Is/is not" list for the FreedomBox was
    >>> that it should act as a file server. This is a good thing to
    >>> start with, I think, since it does not require dealing with
    >>> NATs, firewalls, and such, just doing stuff in the local LAN.
    >>> 
    >>> What would be the _minimal_ spec for the _first_ generation of
    >>> FBX-NAS? Something like the following, perhaps:
    >>> 
    >>>     I create a USB memory stick with FreedomBox, and boot
    >>> an     old laptop off the stick. The laptop is now a NAS
    >>> server.      I can format a disk on another computer
    >>> (ext4, possibly     over LVM), and then plug it into the
    >>> FreedomBox, which     automatically mounts it and shares
    >>> it over the network.
    >>> 
    >>> I emphasize that this should be _minimal_ and _initial_, because
    >>> otherwise things will get too complicated too fast, and nothing
    >>> will happen. It's better to start with the simplest possible
    >>> thing that can be made to work, and grow the system later on.
    >>> 
    >>> * all users see all files * uses SMB for maximal client
    >>> compatibility,   and sftp over ssh for maximal security *
    >>> comes preconfigured with a user with a known password *
    >>> management via command line tools, login via ssh
    >>> 
    >>> The next iteration should probably add a web based management
    >>> tool, but there are a lot of open questions of how that should
    >>> work, so I think it would be good to avoid that initially, in
    >>> the name of getting something to work (and people to build on).
    >>> 
    >>> Detection of a USB disk would happen via udev, I guess, or
    >>> possibly over dbus, after which it gets mounted under /media
    >>> (just like on a desktop system). After that, adding it to Samba
    >>> should be easy enough.  We could even have Samba just share
    >>> everything in /media, for utmost simplicity, to start with.
    >>> 
    >>> What do you all think?
    >> 
    >> I quite like the plan of starting with a small, simple thing and
    >> slowly increasing features.

    Tony> But does this fit with the basic principle of being secure and
    Tony> encrypted by default?

I'm all for being secure.
I'm all for encryption too when it serves a purpose.
However, I'm not sure what you are encrypting where and to protect from
whom here.

More information about the Freedombox-discuss mailing list