Re: Access control for a NFS server

• Previous message: Tobias Edler: "Access control for a NFS server"
• In reply to: Tobias Edler: "Access control for a NFS server"
• Next in thread: Jörg Bornschein: "Re: Access control for a NFS server"
• Reply: Jörg Bornschein: "Re: Access control for a NFS server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 20 Jul 2004 08:07:44 -0400
To: focus-linux@securityfocus.com

I currently use iptables to filter by MAC address on my NFS server.
This isn't foolproof, as it's possible to spoof a MAC, but it works fine
for me as users don't have easy access to the network jacks.

I suppose you could probably tunnel NFS over SSH as well, I've always
wanted to try it, but I haven't had time.

Tobias Edler wrote:
> Hi !
> As i read a lot of competent postings on this list, maybe one of you can
> adwise me on this qustion.
>
> How can i make sure nobody unplugs a worstation, plugs in a laptop, uses
> the workstation's MAC, mounts /home from the nfs server, and does evil
> things to the homedirs ?
> Like, verify some hostkey or something ?
>
> Regards, Tobias
>

-- 
=====================================================================
| Symen Mulders                   | muldersb AT plattsburgh DOT edu |
| Programmer/Analyst              | Voice: 1.518.564.4433           |
| Plattsburgh State University    | FAX: 1.518.564.2442             |
=====================================================================
   "Unprovided with original learning, unformed in the habits of
   thinking, unskilled in the arts of composition, I resolved to
   write a book."
                                     -- Edward Gibbon
   "The plural of anecdote is not data."
                                     -- Frank Kotsonis

• Previous message: Tobias Edler: "Access control for a NFS server"
• In reply to: Tobias Edler: "Access control for a NFS server"
• Next in thread: Jörg Bornschein: "Re: Access control for a NFS server"
• Reply: Jörg Bornschein: "Re: Access control for a NFS server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: VMS to OS X file sharing ... > ROUND 1. ... > I tried setting up the Mac as an NFS server following the instructions ... > but the vms side always got a protection violation trying to write to ... (comp.os.vms) Re: NFS Startup error ? ... The NFS server in Multinet will work with MacOS, but you have to force the Mac to use an older protocol. ... I use it as both server and client between Mac OS X and VMS. ... (comp.os.vms) How to change the FSINFO for nfsd? ... Currently a gentoo linux server is used as a nfs server for some Mac OS ... These Mac OS X clients are doing video editing. ... (Linux-Kernel) Re: How to change the FSINFO for nfsd? ... Currently a gentoo linux server is used as a nfs server for some Mac OS ... These Mac OS X clients are doing video editing. ... (Linux-Kernel)