From owner-freebsd-questions Mon Feb 17 2:35: 4 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 981AB37B401; Mon, 17 Feb 2003 02:35:02 -0800 (PST) Received: from catflap.home.slightlystrange.org (pc1-cmbg1-4-cust43.cmbg.cable.ntl.com [62.253.133.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4392243F3F; Mon, 17 Feb 2003 02:35:01 -0800 (PST) (envelope-from dan@slightlystrange.org) Received: from danielby by catflap.home.slightlystrange.org with local (Exim 3.36 #1) id 18kibt-0009qw-00; Mon, 17 Feb 2003 10:34:53 +0000 Date: Mon, 17 Feb 2003 10:34:53 +0000 From: Daniel Bye To: questions@freebsd.org, current@freebsd.org Subject: Re: SecureRPC/NFS, kerberized NFS Message-ID: <20030217103452.GA37658@catflap.home.slightlystrange.org> Reply-To: dan@slightlystrange.org Mail-Followup-To: questions@freebsd.org, current@freebsd.org References: <20030216210512.B17255@klima.physik.uni-mainz.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030216210512.B17255@klima.physik.uni-mainz.de> User-Agent: Mutt/1.4i X-Scanner: exiscan *18kibt-0009qw-00*C7ACvntv8EM* (SlightlyStrange.org, Using NOD32 http://www.nod32.com) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Feb 16, 2003 at 09:05:49PM +0100, Hartmann, O. wrote: > > Hello. > > My question is very simple. > > Does FreeBSD, either 4.7/4.8 or 5.0 support SecureRPC, especially SecureNFS? > I found the keyserv facility, installed the databases and read some note > in mknetid(8): > > -n netid_file > Specify the location of the netid information file. The com- > piled-in default is /etc/netid. Note that no error is generated > if the netid database can't be found. The netid database is not > likely to be present on most systems until Secure RPC support is > added to FreeBSD. > > For me that sounds like FreeBSD does not have SecureRPC support and therefore > no SecureNFS support. > > My intention is that I wish to setup a secure NFS environment with FreeBSD's > basics and had neither success with SecureRPC nor KERBEROS V. In that part > FreeBSD lacks in appropriate documentation, but may netsources told that > securing via SecureRPC and/or kerberos should be possible. > > Can someone give me a hint or confirm the lack of SecureRPC in recent FreeBSD > versions? > > Thanks in advance, > Oliver Dunno if it quite covers what you want, but there is a package called SNFS, details here http://www.math.ualberta.ca/imaging/snfs/. The page says that it is known to work with FreeBSD. If your servers and clients are all running the BSD implementation of NFS, they can run over TCP and therefore can be tunnelled over SSH without the aid of any third party extensions or apps. HTH Dan -- Daniel Bye PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc PGP Key fingerprint: 3D73 AF47 D448 C5CA 88B4 0DCF 849C 1C33 3C48 2CDC _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message