![]() ![]() Under the auth_sys security method, the user is authenticated at the client, usually through a logon name and password. The two user authentication methods are auth_sys (UNIX authentication) and RPCSEC_GSS (Kerberos). NFS V4 normally authenticates clients at the user level rather than at the host level. Below we will show a number of issues that one can follow to heal those security problems. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted and hosts and users cannot be easily authenticated. If you need access to NFS across the internet, use a VPN (IPSEC, SSL tunnel, SSH tunnel, even pptp) and BLOCK all direct internet access (other than the secure connection) on the server.įurthermore, What are the security problems with NFS?. View full answerĪlso question is, How do I protect NFS share? Doing so minimizes NFS security risks and better protects data on the server. The following points should be considered when exporting NFS file systems on a server or mounting them on a client. NFS is well suited for sharing entire file systems with a large number of known hosts in a transparent manner.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |