9 More Discussions You Might Find Interesting
1. AIX
Hi 2 ALL,
try to run NFS Server in AIX 7.1 :
1. Step by step on NFS Server node
mkdir /tmp/test
chgrp staff /tmp/test
chmod 775 /tmp/test-- create export directory (fs)
mknfsexp -d /tmp/test -t ro
exportfs -va
show mount -e
:/# exportfs -av
exports: 1831-187 re-exported /tmp/test... (4 Replies)
Discussion started by: penchev
4 Replies
2. Solaris
Hi,
I am having some NFS directory consistency problems with the below setup on a local (192.) network:
1. Different permissions (chmod) for the same NFS dir are reflected on different clients.
2. (more serious) an NFS dir created on client1 cannot be accessed on client2; this applies to some... (10 Replies)
Discussion started by: cosmojetz
10 Replies
3. Programming
Hello,
I have a question: I want to create a n client to one server connection. This is the client-server algorithm.
Enybody help to make the changes? (0 Replies)
Discussion started by: MaHmur
0 Replies
4. IP Networking
All of sudden in this morning, some computers could not connect to our UNIX server while other still could.
Some computers could ping the server while some could not.
Same on the server side.
It could ping some clients but not some.
All Windows clients could ping each other.
And more, the... (1 Reply)
Discussion started by: jonapa
1 Replies
5. UNIX for Advanced & Expert Users
Hello;
I work now with a team which has based her "applications" on the following schema:
1 NFS client C1 (linux redhat 5) writes a file fic.dat on a NFS SERVER S (RH 5)
Another NFS client C2 is waiting for the same file fic.dat (on NFS server S1), and, when "fic.dat" appears, then makes... (8 Replies)
Discussion started by: SolarMax
8 Replies
6. AIX
I have an NFS file system mounted on one of my AIX servers with "mount -v cifs".. The server from which the file system was mounted has crashed and now my "df -g" output is hanging. Is there any was to unmount this NFS file system? I have tried "umount -f". Doesn't work.
Or is there any way in... (6 Replies)
Discussion started by: wibhore
6 Replies
7. Solaris
Hello,
I have a centos as nfs server, its name is centos_A.
After I finish the setup of the nfs server, the other linux can access this nfs server immediately via /net/centos_A/*
But,
My solaris 9 can not access /net/centos_A/* immediately. I have to leave /net/centos_A, and wait for about... (1 Reply)
Discussion started by: bruceharbin
1 Replies
8. AIX
I work for a fairly large organization who recently tasked me with securing our telnet services with IPsec. We have a large mixed environment where most of our servers are running unsecured telnet. ssh was my first suggestion but because of the cost of purchasing an enterprise license for a fips... (2 Replies)
Discussion started by: dgaixsysadm
2 Replies
9. Solaris
Ladies and Gentlemen:
I have successfully configured a Solaris 8 server with Jumpstart! I can Jumpstart Solaris 8 client systems with no problem. My configuration is as follows:
Jumpstart Server: Solaris 8 patched with Recommended Patches from June 05.
I have installed Solaris 8 in... (4 Replies)
Discussion started by: rambo15
4 Replies
nfssec(5) File Formats Manual nfssec(5)
NAME
nfssec - overview of NFS security modes
DESCRIPTION
The mount_nfs(1M) and share_nfs(1M) commands each provide a way to specify the security mode to be used on an NFS filesystem through the
option. mode can be either or These security modes may also be added to the automount maps. Note that mount_nfs(1M) and automount(1M) do
not support at this time.
The option on the share_nfs(1M) command line establishes the security mode of NFS servers. If the NFS connection uses the NFS Version 3
protocol, the NFS clients must query the server for the appropriate mode to use. If the NFS connection uses the NFS Version 2 protocol,
then the NFS client uses the default security mode, which is currently NFS clients may force the use of a specific security mode by speci-
fying the option on the command line. However, if the filesystem on the server is not shared with that security mode, the client may be
denied access.
If the NFS client wants to authenticate the NFS server using a particular (stronger) security mode, the client wants to specify the secu-
rity mode to be used, even if the connection uses the NFS Version 3 protocol. This guarantees that an attacker masquerading as the server
does not compromise the client.
The NFS security modes are described below. Of these, the modes use the Kerberos V5 protocol for authenticating and protecting the shared
filesystems. Before these can be used, the system must be configured to be part of a Kerberos realm.
Use authentication. The user's UNIX user-id and group-ids are passed in the clear on the network, unauthenticated by the NFS server
. This is the simplest security method and requires no additional administration. It is the default used by HP-UX NFS Version 2
clients and HP-UX NFS servers.
Use a Diffie-Hellman public key system
which is referred to as in the forthcoming Internet RFC).
Use Kerberos V5 protocol to authenticate users before granting access
to the shared filesystem.
Use Kerberos V5 authentication with integrity checking (checksums) to
verify that the data has not been tampered with.
User Kerberos V5 authentication, integrity checksums, and privacy protection
(encryption) on the shared filesystem. This provides the most secure filesystem sharing, as all traffic is encrypted. It should
be noted that performance might suffer on some systems when using depending on the computational intensity of the encryption
algorithm and the amount of data being transferred.
Use null authentication
NFS clients using have no identity and are mapped to the anonymous user by NFS servers. A client using a security mode other
than the one with which an HP-UX NFS server shares the filesystem has its security mode mapped to In this case, if the filesystem
is shared with users from the client are mapped to the anonymous user.
WARNINGS
lists the NFS security services. Do not edit this file. It is not intended to be user-configurable.
FILES
NFS security service configuration file
SEE ALSO
automount(1M), mount_nfs(1M), share_nfs(1M), rpc_clnt_auth(3N), secure_rpc(3N), nfssec.conf(4).
nfssec(5)