Apple Filing Protocol (AFP)


AFP is a standard Apple Mac OS X file sharing protocol. If you run a local network with many Macs, it’s a better choice than SMB or NFS. Netatalk is what we need to run AFP, but default Debian package is built without SSL support due to some stupid OpenSSL license incompatibility. You can allow encryptionless connection on Macs, but it’s a bad idea. The best way is to rebuild the netatalk package. If you’re not familiar with Debian package build system, I’ll tell you how to rebuild netatalk fast. I’ve used Debian 5.0 (“Lenny”).

Building and installing

First, make sure there’re deb-src records in /etc/apt/sources.list. We should prepare the system for package build:

sudo aptitude update
sudo aptitude install automake libcrack2-dev
sudo apt-get build-dep netatalk
apt-get source netatalk

cd to a newly created directory (e.g. netatalk-2.0.3).

sudo DEB_BUILD_OPTIONS=ssl dpkg-buildpackage -rfakeroot
cd ..
sudo dpkg -i netatalk*.deb


Now edit /etc/netatalk/afpd.conf. The only one uncommented line should be:

- -transall -uamlist, -nosavepassword -advertise_ssh -ipaddr

Don’t forget to change with your server’s IP.

/etc/netatalk/AppleVolumes.default example:

# User-specific stuff

~/              "$u"            allow:nap,yukka

# Media

/home/ftp       ftp
/home/www       www             allow:nap,yukka
/home/shared    shared          allow:nap,yukka

Restart netatalk:

/etc/init.d/netatalk restart

Voila! Now you should be able to press Command-K within Finder and connect to afp://server.

If you want the server to be visible as a shared network resource in Finder toolbar, you should configure avahi. It’s Bonjour (also known as ZeroConf) discovery service.

%d bloggers like this: