What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Should I partition my USB attached storage? Samba or NSF?

G

gobtron

Occasional Visitor
I have a USB drive attached to my router (Asus AC68P) and I want to use it as a backup space for my devices and as a share center.

Users should have access only to their respective backup space

All users should have access to the share center.

It would be also nice to make a personnal cloud out of it.

Right now, I use the SAMBA protocol with username/password, and I set the permissions for each users to the folders they should access.

What would be the best solution in this case? Is NFS a better choice than SAMBA? I know I can limit access to certain folders using the IP.

I should also mention that I use SSH over WAN. I am planning to install a console-based torrent client and manage torrents remotely.

So I am a bit confused and concerned about security in my setup. What would be harder to penetrate by someone with bad intentions? Some sensitive data might be present on the drive.
 
I thought about the same questions as you. In the end I went with a home brew linux system that does transmission, samba, ntpd, syncthing. For a while also a sip server and openvpn server. It now has 4 hard drives, encryption and the kicker is it uses 10watts of juice I recken. It keeps growing!
You can throw webmin gui on it to easily manage samba shares and other settings. The samba module for webmin has a setting for everything it seems.

Back to your post, I know your router can do all that (transmission, samba), however I am paranoid, and concerned about privacy somewhat too. I think you should stick with samba, I read nfs is even harder to secure then samba. I was curious a little about ssh over wan. Does that mean your worried somebody might have physical access to the share (hard drive), or plug a device into a ethernet port inside your lan?
 
Cake said:
I thought about the same questions as you. In the end I went with a home brew linux system that does transmission, samba, ntpd, syncthing. For a while also a sip server and openvpn server. It now has 4 hard drives, encryption and the kicker is it uses 10watts of juice I recken. It keeps growing!
You can throw webmin gui on it to easily manage samba shares and other settings. The samba module for webmin has a setting for everything it seems.

Back to your post, I know your router can do all that (transmission, samba), however I am paranoid, and concerned about privacy somewhat too. I think you should stick with samba, I read nfs is even harder to secure then samba. I was curious a little about ssh over wan. Does that mean your worried somebody might have physical access to the share (hard drive), or plug a device into a ethernet port inside your lan?
Click to expand...


You unleashed the beast out of your network! It seems really nice!

I am not worried about physical access. Everything is stored in my appartment, so if someone wants to have access to my hard drive, they will just take it, as well as everything else inside my appartment. Well... It does concern me a little, that's why I lock the door at night or when I'm absent!

But anyway I am more concerned about someone gaining access to some privilege on my router, either by exploiting a security flaw over WAN or a neighbor gaining access to my WiFi network and then exploiting a flaw while on the WiFi. This is also why I thought of using encryption for my backups, as a safety, so if anything happen, the data would take some time to decipher, hoping that the person would aim another easier target.

Obviously, I use a very strong password for both WAN access and WiFi access. I use a different admin login for SSH as well as another port, not common for SSH.
 
I wouldn't recommend partitioning the drive. A lot of router NAS' have trouble handling more than one partition table.

And why would you use NFS? NFS is really meant for Linux/Unix environments. For the home user, SMB is more than functional enough.
 
htismaqe said:
I wouldn't recommend partitioning the drive. A lot of router NAS' have trouble handling more than one partition table.

And why would you use NFS? NFS is really meant for Linux/Unix environments. For the home user, SMB is more than functional enough.
Click to expand...

Ok thank you for the input.
 
htismaqe said:
I wouldn't recommend partitioning the drive. A lot of router NAS' have trouble handling more than one partition table.

And why would you use NFS? NFS is really meant for Linux/Unix environments. For the home user, SMB is more than functional enough.
Click to expand...

Concur - don't partition the drive, but one can create different shares and policies as needed within the single volume..
 
gobtron said:
You unleashed the beast out of your network! It seems really nice!

I am not worried about physical access. Everything is stored in my appartment, so if someone wants to have access to my hard drive, they will just take it, as well as everything else inside my appartment. Well... It does concern me a little, that's why I lock the door at night or when I'm absent!

But anyway I am more concerned about someone gaining access to some privilege on my router, either by exploiting a security flaw over WAN or a neighbor gaining access to my WiFi network and then exploiting a flaw while on the WiFi. This is also why I thought of using encryption for my backups, as a safety, so if anything happen, the data would take some time to decipher, hoping that the person would aim another easier target.

Obviously, I use a very strong password for both WAN access and WiFi access. I use a different admin login for SSH as well as another port, not common for SSH.
Click to expand...
I would worry more about the devices connecting to your router especially Android phones then about a router exploit. I think if you had Samba setup with tight permissions, you would be good.
If I wanted to gain access to Troy, thats how I would do it (with a small handheld computer/aka phone)!
 
Cake said:
I would worry more about the devices connecting to your router especially Android phones then about a router exploit. I think if you had Samba setup with tight permissions, you would be good.
If I wanted to gain access to Troy, thats how I would do it (with a small handheld computer/aka phone)!
Click to expand...

Simple solution - don't expose the NAS/Samba shares to the public internet and have a fairly robust password for the WiFi - and then it's a matter of trust and being smart...
 
You must log in or register to reply here.

Similar threads

C
Need help getting USB Samba Share working on Linux (RT-BE92U)
Replies
2
Views
496
iTyPsIDg
I
I
Tutorial How to get Samba 4.18.8 running on an RT-AX86U Pro running Merlin 3006.102.4_0
2
Replies
21
Views
2K
Jeffrey Young
J
rowbaldwin
Asus AX3000 v2 & USB Drive FTP
Replies
0
Views
352
rowbaldwin
rowbaldwin
J
Samba4 on R7800
Replies
2
Views
733
JRI
J
M
Asuswrt-Merlin with Nextcloud's share folder functionality
Replies
3
Views
599
SolCutter
SolCutter
Similar threads
Thread starter Title Forum Replies Date
K Which one should I keep, Qnap TVS h674 I5 or Synology DS 1821+ General NAS Discussion 13
rowbaldwin Asus AX3000 v2 & USB Drive FTP General NAS Discussion 0

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,164 (members: 14, guests: 1,150)
Back
Top