Take your point about /home on a share. I must look up how to do this, do you know any guides?
It's very simple, firstly you need to have nfs-kernel-server installed on the server (this is the name in Debian/Ubuntu).
Then on the server edit the file /etc/exports, comments in the file show you what's needed, on my server called dps I have:-
/ 192.168.1.1/24(rw,no_root_squash,async,no_subtree_check)On the client just mount the nfs drive in /etc/fstab:-
dps:/ /dps nfs _netdev,autoObviously this mounts the *whole* of the / filesystem on dps so that clients can see it, in your case you'd replace / with /home.
Is it really wise to be using this as an example ?
Peter if you are going the NFS route DO NOT follow Chris's example or the data you are trying to secure will be even more open than if you had left the disk in the local workstation. Better to read some NFS howto's and see how to add the minimal security NFS can actually offer.
Actually if the data is that sensitive then I wouldn't use NFS period.
Look at mounting the volume with sshfs...it will be slower than the NFS mount but it at least has some security.
Chris...I think posting an example that exports to an entire subnet without clearly expressing this is the case, particularly when the original request stated that this was a request for help in securing data not making it more open is..perhaps...a little irresponsible :)