Coda File System

zero-administration clients and Coda

From: Ivan Popov <>
Date: Sun, 16 Mar 2003 11:22:37 +0100 (MET)

I have figured out a couple of places where Coda can make life so much

One "hot area" - thin clients.
I have looked at open source solutions.
Still the most popular ones are X-terminals on Linux/*BSD kernel on
NFS-root or tftp-able RAM disk.
(very insecure, hence usable only in limited environments)

There is another and better solution, vnc over ssl, as soon as you have a
prom to put the binaries and the certificate on.

Anyway, to use any such software securely, you need:

 - a shared secret or preferably a certificate (should be in PROM),
   for your "thin-clients' fat server"
 - trustable binaries (on PROM or securely acquired over the network)

A common case is insufficient PROM to hold the binaries,
hence so popular NFS-root setups.
NFS has a lot of problems - insecurity, lot of traffic,
fully dependent on server being up.
TFTP-bootable filesystem images are insecure too, demand more RAM
space and are harder to maintain.

If we put on PROM just kernel, venus and a shared secret (or when Coda
will support it - a certificate),
then we can import the rest of the binaries over the network "securely"
and run our favourite thin client software (easily reconfigurable compared
to the case when all things are in PROM)

Such dhcp-aware client can be plugged in any network, all over the globe,
even behind NAT, and still comfortably and securely get you at your
desktop on your usual host. With no extra administration required.

Another area - employees abroad.
[no, not only the evident "access my files" thing]

They want to access resources belonging to their home site, including but
not limited to their files. Usually it is software too.

Nowadays people are travelling with laptops. Coda helps them to have their
files. But these machines need administration! There is no feasible way to
have a consistent setup on laptops used by employees on their business

Except if the machines are setup so that they take *all* files, including
all software (excluding venus :), from Coda. Then the setup is always
consistent, available both connected and disconnected, and always
up-to-date as it pulls the new version of a file at first access after it
has been upgraded by the system administrators, in Coda.

My 2c to motivate people invest into Coda!
Received on 2003-03-16 05:24:57