LDAP, NFS Homedirs and Laptops

Hi All,

I wanted to ask what the general consensus was on Linux laptops and management of user accounts. I want to have a field replaceable unit effectively with no NFS mounted homedir or necessarily LDAP integration.

Now local users are fine, and when connected to site or on-site the user community can ssh into a shared cluster for HPC say or compute power with what is in reality a separate account, but which does have a traditional homedir.

But what about backing up local config and data in case of destroyed laptop?



For backups people often point at Bacula or its open-source twin.
But for what you want, I would create a user, say backup, on the server that is protected with SSH key access only, in other words no interactive login. You can do this by putting the config options for key-only login in the .config file in the .ssh directory on the destination account, for example:
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin without-password

Then create an SSH key on the source with ssh-keygen but with no password.

And place the resulting contents of the id_rsa.pub in the server account's .ssh/authorized_keys.

And then use one of the many methods to back up files over ssh to the server from the laptops.

This could be as simple as

DATE=$(date +%Y-%m-%d); tar cBopf - . | ssh hostname "mkdir /home/backup/$DATE && cd /home/backup/$DATE && tar xBopf -"

The above might need some testing and tuning, or alternatively use rsync in a similar way.

regards peter
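
A passwordless key like the one described in the reply above can be limited on the server so that it can only deliver a backup stream. The following is an added example, not part of the thread: the script path /usr/local/bin/backup-receive, the per-laptop label and the function names are assumptions, and the `restrict` option needs OpenSSH 7.2 or later.

```shell
#!/bin/sh
# Added example, not from the thread. The install path, the per-laptop label
# and the function names are assumptions; /home/backup is the thread's path.
BACKUP_ROOT="${BACKUP_ROOT:-/home/backup}"

# Accept only simple labels so a label can never point outside BACKUP_ROOT
# or break out of the quoted command= string.
valid_label() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# authorized_keys entry for one laptop key. "restrict" turns off pty, port,
# agent and X11 forwarding; command= runs the receiver whatever the client asks.
authorized_keys_line() {   # $1 = laptop label, $2 = contents of id_rsa.pub
    valid_label "$1" || return 2
    printf 'restrict,command="/usr/local/bin/backup-receive --receive %s" %s\n' "$1" "$2"
}

# Forced command body: unpack the tar stream on stdin into a dated directory.
# SSH_ORIGINAL_COMMAND (what the client typed) is deliberately never evaluated.
receive_backup() {         # $1 = laptop label from the authorized_keys entry
    valid_label "$1" || { echo "backup-receive: bad label" >&2; return 2; }
    dest="$BACKUP_ROOT/$1/$(date +%Y-%m-%d)"
    mkdir -p "$dest" && tar -xpf - -C "$dest" && printf '%s\n' "$dest"
}

# Laptop side, from the directory to back up (the remote command is ignored):
#   tar cpf - . | ssh backup@hostname
case "${1:-}" in
    --receive) receive_backup "${2:-}" ;;
esac
```

With this entry in place, a stolen laptop key can still write backups under its own label but cannot open a shell or forward ports on the server.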

Thanks for the response.

We actually do say to end users a desktop is not backed up but provide an rsync ‘backup’ area which is backed up properly using Bacula.

I’m just wondering if an NFS mounted homedir is really needed these days. I’m old and come from a traditional sysadmin background, so this seems madness to me, but I am also aware I need to be flexible! So I wondered what the current thinking is. Hope that makes sense.

Well, I'm old, retired (61) and come from a traditional engineering/SA background also.
Backing up of workstations is usually not the way to go, but instead use of autofs to automount the home directory or any other directory on demand.
Traditionally autofs mount maps were in NIS, but that would be way over the top unless you had 100s of workstations. Nowadays they do NIS through LDAP, but that has its issues also with caching.
So if it's only a few workstations I would have local autofs files.
Use soft mounts so that the server can still be rebooted without hanging your workstation.
regards peter