Cent OS folder shares

[mckendry1011]

At my work, we do offsite backups for companies. It is run using a cent os box with tons of storage and we connect using different ports to access different clients data, for example client 1 = port 2995, client 2 = port 3000.

 

Does anyone know how to set this up or how it is done? I know anaconda is running on these but I dont know if there is anything else.

[AbsoluteFool]

8 minutes ago, mckendry1011 said:

At my work, we do offsite backups for companies. It is run using a cent os box with tons of storage and we connect using different ports to access different clients data, for example client 1 = port 2995, client 2 = port 3000.

 

Does anyone know how to set this up or how it is done? I know anaconda is running on these but I dont know if there is anything else.

Just change the applications port numbers in the configuration files. This can be done with most systsmes.

[mckendry1011]

Just now, AbsoluteFool said:

Just change the applications port numbers in the configuration files. This can be done with most systsmes.

Even if it is the same program? Can you have multiple instances of applications running each with different ports attached?

[AbsoluteFool]

Just now, mckendry1011 said:

Even if it is the same program? Can you have multiple instances of applications running each with different ports attached?

Sure, it might need some work arounds, but yes. Most programs i know this is often done by dublicating the configuration file. While this is not true with all software there is always a way. The best way to find out is to try some Google searches.

[Blake]

On 11/21/2018 at 4:58 AM, mckendry1011 said:

At my work, we do offsite backups for companies. It is run using a cent os box with tons of storage and we connect using different ports to access different clients data, for example client 1 = port 2995, client 2 = port 3000.

 

Does anyone know how to set this up or how it is done? I know anaconda is running on these but I dont know if there is anything else.

 

On 11/21/2018 at 5:07 AM, AbsoluteFool said:

Just change the applications port numbers in the configuration files. This can be done with most systsmes.

Isn't a better system to give the users, usernames and passwords? (and a private key, via sneaker net)?

 

Then just set the read/write permissions for each client on their own directory on the directory. let the server choose the port from a range (based on who's connected).

 

edit: Access based enumeration, that's the phrase i was looking for.

[AbsoluteFool]

1 minute ago, Blake said:

 

Isn't a better system to give the users, usernames and passwords? (and a private key, via sneaker net)?

 

Then just set the read/write permissions for each client on their own directory on the directory. let the server choose the port from a range (based on who's connected).

Well, i guess. But he said he wanted port based. Like i could just aswell used SSH to restrict storage and navigation for each users, if the idea was to open an SSH server. The port itself doesen't really lock people out from anything. Username & password basicly just give permissions as if i should have done it manually from the command line.

 

I think he wanted the port to be sort of a client ID so he know what client is connecting. That's perhaps what they do at his company.. I don't really know lol

[Mikensan]

Separating customers by port is a little ackward as a backup host. Because you're hitting the same server, and likely the same service - it doesn't really do anything but add a headache for customers. Just wait until you hit a company whose IT admin who locks down destination ports and won't budge. Hopefully they still require some form of authentication.

 

However "how" this is done depends on the solution. If you're using conventional things like iSCSI NFS SMB (none of which should be outside a VPN/LAN) it will vary. iSCSI by design allows you to create multiple portals and associate different users and extents to the portals. Though normally portals are meant to listen on different IPs you can change the port per portal.

 

iSCSI over the internet + encrypted over VPN would just be terribly slow.