| View previous topic :: View next topic |
| Author |
Message |
Greens
n00b
Joined: 23 Aug 2013
Posts: 27
|
 Posted: Fri Jan 03, 2014 3:09 pm Post subject: How can I make NFS more secure? |
 |
|
I have some encrypted disks with dm-crypt/LUKS that I only mount after boot, but once I mount them, due to NFS, anyone with the IP address 192.168.0.102 is free to connect and have read/write access to them without password or anything. Essentially making the previous useless in some cases.
Is there anyway to make NFS only accept connections through something like public/private key encryption, or ask for a password? I would like to continue using NFS, because SFTP isn't fast enough for what I need. |
|
| Back to top |
|
 |
blu3bird
Retired Dev
Joined: 04 Oct 2003
Posts: 612
Location: Munich, Germany
|
| Posted: Fri Jan 03, 2014 5:12 pm Post subject: |
|
|
Use NFSv4 instead of NFSv3, it supports authentication and encryption.
_________________
Black Holes are created when God divides by zero! |
|
| Back to top |
|
|
Greens
n00b
Joined: 23 Aug 2013
Posts: 27
|
| Posted: Fri Jan 03, 2014 7:23 pm Post subject: |
|
|
| blu3bird wrote: | | Use NFSv4 instead of NFSv3, it supports authentication and encryption. |
I am. I didn't see anything about it in the gentoo NFS wiki page. I did some more searching and I assume I have to setup kerberos? There's not much documentation on this. |
|
| Back to top |
|
|
|
Networking & Security
