01-05-2008
Thanks Perderabo;
Your solution makes sense, but i'm not sure if i understand this part & don't know why do we need to export a file system, and which one would be in a read only mode. could you please explain in more details this part:
" Then it can export a filesystem via NFS to other boxes in readonly mode."
Thanks
Katkota
10 More Discussions You Might Find Interesting
1. Cybersecurity
I just setup my ftp server on Solaris 8. Everything works fine...except I do not want to allow certain users to be able to change directories outside of their /home directory. In other wors I don't want everyone to be able to view files in other folders outside of their home directoy. I know how to... (1 Reply)
Discussion started by: jskillet
1 Replies
2. UNIX for Dummies Questions & Answers
Current setup:
I am running Solaris 8 and PROFtpd. I have my network functioning correctly. The server can be pinged from any machine on the network. There is no firewall between the client and the server. The proftpd service is running using the correct and only proftpd.conf file in standalone... (5 Replies)
Discussion started by: zbis12
5 Replies
3. UNIX for Dummies Questions & Answers
I created a user which I would like to have access only to FTP. I am able to get FTP to the machine with that user, but I only want him to have access to two directories, and no shell access. How can I accomplish this?
Thanx,
Aaron (1 Reply)
Discussion started by: Spetnik
1 Replies
4. UNIX for Dummies Questions & Answers
How to restrict ftp user to move to the parent directory of his home directory.
Any suggestions will be appreciated.
O.S Sun solaris
Regards (3 Replies)
Discussion started by: sehgalniraj
3 Replies
5. Solaris
Hi ,
I want to deny ftp access to some user. Currently I don't have /etc/ftpusers file. From the man page , i can modify the login shell at /etc/passwd to invalid one. How to add it ? replaced with /dev/null or something. If you have any other method to disabled it . Pls show me.
My FTP is... (10 Replies)
Discussion started by: skully
10 Replies
6. Red Hat
Hi dear all
When i try to connect to an ftp site it shows the following error
"An FTP authentication failure occurred while trying to retrieve the URL: ftp://xyz.org/
Squid sent the following FTP command:
PASS <yourpassword>
and then received this reply
User anonymous cannot log in"
I... (3 Replies)
Discussion started by: surfer24
3 Replies
7. Solaris
Hello,I must share file from Linux machine to Solaris.I've enabled ftp with svcadm enable ftp,when I connect from Linux box I have this
"Name (192.168.1.4:root): anonymous
331 Guest login ok,send your complete e-mail address as password
Password : (I give my e-mail address)
530 Login incorrect... (3 Replies)
Discussion started by: bgf0
3 Replies
8. IP Networking
hi,
I was wondering why I can't connect through Terminal to my FTP server.
It perfectly works through client FTP (I've attached an image with settings)
http://dl.getdropbox.com/u/72686/cushy2.png
But I can't using the terminal
I tried many times the same password I use on FTP... (4 Replies)
Discussion started by: aneuryzma
4 Replies
9. UNIX for Advanced & Expert Users
Hello all,
I am currently writing an application that besides other thing ,ftps files from remote machines (running linux and solaris). My problem is this: i am connecting to remote machines as a user other than root and i have found that there is a possibility that i will encounter folders with... (3 Replies)
Discussion started by: noam128
3 Replies
10. AIX
Hi all,
I'm using AIX v 5.3
I want to create system users to access through ftp or sftp and restrict those users into specific directory and don't traverse the whole file system just to be restricted within a directory and don't get shell access . i don't want to use any other third party... (7 Replies)
Discussion started by: h@foorsa.biz
7 Replies
nfssec(5) File Formats Manual nfssec(5)
NAME
nfssec - overview of NFS security modes
DESCRIPTION
The mount_nfs(1M) and share_nfs(1M) commands each provide a way to specify the security mode to be used on an NFS filesystem through the
option. mode can be either or These security modes may also be added to the automount maps. Note that mount_nfs(1M) and automount(1M) do
not support at this time.
The option on the share_nfs(1M) command line establishes the security mode of NFS servers. If the NFS connection uses the NFS Version 3
protocol, the NFS clients must query the server for the appropriate mode to use. If the NFS connection uses the NFS Version 2 protocol,
then the NFS client uses the default security mode, which is currently NFS clients may force the use of a specific security mode by speci-
fying the option on the command line. However, if the filesystem on the server is not shared with that security mode, the client may be
denied access.
If the NFS client wants to authenticate the NFS server using a particular (stronger) security mode, the client wants to specify the secu-
rity mode to be used, even if the connection uses the NFS Version 3 protocol. This guarantees that an attacker masquerading as the server
does not compromise the client.
The NFS security modes are described below. Of these, the modes use the Kerberos V5 protocol for authenticating and protecting the shared
filesystems. Before these can be used, the system must be configured to be part of a Kerberos realm.
Use authentication. The user's UNIX user-id and group-ids are passed in the clear on the network, unauthenticated by the NFS server
. This is the simplest security method and requires no additional administration. It is the default used by HP-UX NFS Version 2
clients and HP-UX NFS servers.
Use a Diffie-Hellman public key system
which is referred to as in the forthcoming Internet RFC).
Use Kerberos V5 protocol to authenticate users before granting access
to the shared filesystem.
Use Kerberos V5 authentication with integrity checking (checksums) to
verify that the data has not been tampered with.
User Kerberos V5 authentication, integrity checksums, and privacy protection
(encryption) on the shared filesystem. This provides the most secure filesystem sharing, as all traffic is encrypted. It should
be noted that performance might suffer on some systems when using depending on the computational intensity of the encryption
algorithm and the amount of data being transferred.
Use null authentication
NFS clients using have no identity and are mapped to the anonymous user by NFS servers. A client using a security mode other
than the one with which an HP-UX NFS server shares the filesystem has its security mode mapped to In this case, if the filesystem
is shared with users from the client are mapped to the anonymous user.
WARNINGS
lists the NFS security services. Do not edit this file. It is not intended to be user-configurable.
FILES
NFS security service configuration file
SEE ALSO
automount(1M), mount_nfs(1M), share_nfs(1M), rpc_clnt_auth(3N), secure_rpc(3N), nfssec.conf(4).
nfssec(5)