View previous topic :: View next topic |
Author |
Message |
Greens n00b

Joined: 23 Aug 2013 Posts: 27
|
Posted: Fri Jan 03, 2014 3:09 pm Post subject: How can I make NFS more secure? |
|
|
I have some encrypted disks with dm-crypt/LUKS that I only mount after boot, but once I mount them, due to NFS, anyone with the IP address 192.168.0.102 is free to connect and have read/write access to them without password or anything. Essentially making the previous useless in some cases.
Is there anyway to make NFS only accept connections through something like public/private key encryption, or ask for a password? I would like to continue using NFS, because SFTP isn't fast enough for what I need. |
|
Back to top |
|
 |
blu3bird Retired Dev

Joined: 04 Oct 2003 Posts: 612 Location: Munich, Germany
|
Posted: Fri Jan 03, 2014 5:12 pm Post subject: |
|
|
Use NFSv4 instead of NFSv3, it supports authentication and encryption. _________________ Black Holes are created when God divides by zero! |
|
Back to top |
|
 |
Greens n00b

Joined: 23 Aug 2013 Posts: 27
|
Posted: Fri Jan 03, 2014 7:23 pm Post subject: |
|
|
blu3bird wrote: | Use NFSv4 instead of NFSv3, it supports authentication and encryption. |
I am. I didn't see anything about it in the gentoo NFS wiki page. I did some more searching and I assume I have to setup kerberos? There's not much documentation on this. |
|
Back to top |
|
 |
|