NFS how to secure transfers?

[postcd]

Hello,

i would like to use SSHFS or NSF to transfer tar.gz backups from one of my server to another. Both servers hosting publicly accessible services. The transfer should be secure. SSHFS is secure, but NSF i found i might need to work with /etc/hosts.deny and hosts.allow

i want to ask what should i add in hosts.deny/allow so data transfers and access is secure?

someone mention like:

A)

to /etc/hosts.allow:

portmap: 192.168.0.1 , 192.168.0.2
lockd: 192.168.0.1 , 192.168.0.2
rquotad: 192.168.0.1 , 192.168.0.2
mountd: 192.168.0.1 , 192.168.0.2
statd: 192.168.0.1 , 192.168.0.2

source: http://www.tldp.org/HOWTO/NFS-HOWTO/server.html

B)

Add the following line to /etc/hosts.deny:

rpcbind mountd nfsd statd lockd rquotad : ALL

add the following line to /etc/hosts.allow:

rpcbind mountd nfsd statd lockd rquotad : list of IP addresses

source: https://help.ubuntu.com/community/SettingUpNFSHowTo

C)

add in /etc/hosts.deny:

portmap:ALL

and then in /etc/hosts.allow:

portmap: 192.168.1.1, 192.168.1.2, 192.168.1.3

source: http://www.techrepublic.com/blog/linux-and-open-source/set-up-easy-file-sharing-with-nfs-on-linux/


-----
so i want to ask which is best if i have only one client and one server, both in different datacenter.
What else i need to consider for security, any link? thx

PS: i want to use probably rather NFS, because according to this benchmark its faster than SSHFS.

 

[VitalkaDrug]

My way is to do an encrypted tunnel between both hosts and use any favorite protocol to transfer files. There are many software to manage VPN under Linux. I often use the OpenVPN and PeerVPN, for example.