On Sat, 2004-01-03 at 08:50, J.H.M. Dassen (Ray) wrote:This might be encrypted, but hardly secure, for instance if user A has physical access to NFS client
On Sat, Jan 03, 2004 at 08:30:48 -0500, Antonio Rodriguez wrote:
What would be the best route to establish an encrypted or secure nfsThere are several approaches:
session?
- Establish a VPN connection (e.g. FreeS/WAN IPSec, or tinc) between the
hosts and route your NFS traffic over it.
This is probably the most straightforward and mature option.
I would strongly encourage this method. Does it strike anyone else as
strange that every single application protocol has to (or just _is_)
writing their own security/encryption system?
Get it properly encrypted at a lower level with ipsec, and you can go
about your business (whee, telnet's back).
and user B has physical access to nfs client, what prevents user A from accessing user B's files through VPN?
Also consider Linux Enhanced SMBFS: http://uranus.it.swin.edu.au/~jn/linux/smbfs/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]