[EMAIL PROTECTED] (Sam Hartman) writes: > I think you may be out of luck. Really the first version of NFS > that seems to be particularly secure is NFS version 4. There are > some attempts to add Kerberos to previous versions of NFS, but I'm > unconvinced of the security of most of them.
Solaris 8 (and above?) has nfssec(5). From the man page: The NFS security modes are described as follows: sys Use AUTH_SYS authentication. The user's UNIX user-id and group-ids are passed in the clear on the network, unauthenticated by the NFS server. This is the sim- plest security method and requires no additional administration. It is the default used by Solaris NFS Version 2 clients and Solaris NFS servers. dh Use a Diffie-Hellman public key system ( AUTH_DES, which is referred to as AUTH_DH in the forthcoming Internet RFC). krb4 Use the Kerberos Version 4 authentication system ( AUTH_KERB, which is referred to as AUTH_KERB4 in a forthcoming Internet RFC). none Use null authentication ( AUTH_NONE). NFS clients using AUTH_NONE have no identity and are mapped to the anonymous user nobody by NFS servers. A client [...] See also secure_rpc(3NSL). This of course doesn't help the OP. -- David Magda <dmagda at ee.ryerson.ca>, http://www.magda.ca/ Because the innovator has for enemies all those who have done well under the old conditions, and lukewarm defenders in those who may do well under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos