topic secure nfs in Operating System - HP-UX

secure nfs

Alvin Cabrera — Wed, 22 Nov 2000 19:56:08 GMT

using hpux, is there any way to authenticate a server or user before allowing them to mount? i've modified inetd.sec to allow/deny certain ips, but what about the possibility of ip spoofing? does anyone know if hp can really have a secure nfs connection or is there a third party solution available? thanks for the help.

Re: secure nfs

Rainer_1 — Wed, 22 Nov 2000 20:08:48 GMT

for more security you could add some more options in /etc/exports such as restrict mount to specific host

-access=

see man exports

Re: secure nfs

Pramod_4 — Wed, 22 Nov 2000 22:15:15 GMT

Hi,

As Rainer said you can restrict the NFS access by using the IP/Host by using the option access=< IP or Network Address or Netgroup >

And Root access to the NFS files system can also be controlled by using the "root=< Host name >" option

For more information about the usage of the option in /etc/exports file, refer the man page for "exports"

Regards,

Pramod

Re: secure nfs

Alvin Cabrera — Mon, 27 Nov 2000 17:19:10 GMT

is hostname/ip verification really reliable? if i was able to spoof the ip and basically change my systems hostname to match i'd get access to the exported filesystems. is there a way to use private/public keys to authenticate? any ideas? thanks again.