Re: Access control for a NFS server
From: Symen Mulders (muldersb_at_plattsburgh.edu)
Date: Tue, 20 Jul 2004 08:07:44 -0400 To: firstname.lastname@example.org
I currently use iptables to filter by MAC address on my NFS server.
This isn't foolproof, as it's possible to spoof a MAC, but it works fine
for me as users don't have easy access to the network jacks.
I suppose you could probably tunnel NFS over SSH as well, I've always
wanted to try it, but I haven't had time.
Tobias Edler wrote:
> Hi !
> As i read a lot of competent postings on this list, maybe one of you can
> adwise me on this qustion.
> How can i make sure nobody unplugs a worstation, plugs in a laptop, uses
> the workstation's MAC, mounts /home from the nfs server, and does evil
> things to the homedirs ?
> Like, verify some hostkey or something ?
> Regards, Tobias
-- ===================================================================== | Symen Mulders | muldersb AT plattsburgh DOT edu | | Programmer/Analyst | Voice: 1.518.564.4433 | | Plattsburgh State University | FAX: 1.518.564.2442 | ===================================================================== "Unprovided with original learning, unformed in the habits of thinking, unskilled in the arts of composition, I resolved to write a book." -- Edward Gibbon "The plural of anecdote is not data." -- Frank Kotsonis