another option would be to run NFS over a transport layer encryption like IPSEC. IPSEC is becomming more ame more widly supported and so shouldnt really be a problem. The only concern tho is that any kind of encryption will add additional load onto the systems. This can be mitigated by careful selection of the type of encryption, as well as additional hardware if neccessary.
I prefer this solution as it builds on existing tech rather than adding in bits and pieces to Daemons, which could raise compatability issues. Barry -- Barry Irwin [EMAIL PROTECTED] Tel: +27214875178 Systems Administrator: Networks And Security iTouch TAS http://www.itouchlabs.com Mobile: +27824457210 ----- Original Message ----- From: "Peet Grobler" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, February 21, 2003 7:09 AM Subject: RE: Secure NFS I've been wondering about this for a while now... Everybody knows NFS is insecure. Right. So no-one uses it. Why not simply modify NFS to use encryption? Why not? Not tunneling, modify the source to either (a) establish ssl connections, or (b) manually encrypt all traffic (I would prefer this one).