Les Mikesell wrote:
On 5/25/2011 1:05 PM, Ljubomir Ljubojevic wrote:
In a local setup you might be able to manage with ssh port-forwarding over ssh to a squid running on the server holding your repo. That way you can 'export http_proxy=http://localhost:local_port' and establish the ssh connection before running yum and the network traffic to the repository will be encrypted and only need port 22 open.
Vary nice solution Les.
I use it regularly myself without a local repo for machines that (intentionally) don't have direct access to the internet or our caching proxies where I point yum anytime there are enough machines to overcome its tendency to pull a copy from every mirror. You also need to 'export ftp_proxy=http://...' for the generic case where the mirrors will include ftp urls (squid handles them equally well).
I have my own repo with all mayor repositories stored, and repo for some of packages recompiled by me. Both are visible from internet, but I am thinking of hiding that part with mirrored repos, so my server and bandwidth are not pound upon, but at the same time can access those repositories from arround the internet for systems i maintain.
But I just thought of having ssh account would allow people to run commands on my server. Hmm.
Ljubomir