On Sun, 2023-10-08 at 03:03 +0200, Marco Rebhan via Kerberos wrote: > On Saturday, 7 October 2023 22:15:32 CEST Russ Allbery wrote: > > [..] > > That clears up a lot, thank you so much!
Keying clients is useful to allow mount at boot time, before any user with valid credentials has logged in, as well as for NFS 4.0 only (doe snot apply to earlier protocol version nor to 4.1 and later) to do some callback calls to the server where the protocol does not know what user to use. It is not strictly needed, if you use autofs for homes for example you can live w/o a client service principal. HTH, Simo. -- Simo Sorce, DE @ RHEL Crypto Team, Red Hat, Inc ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos