Re: Machine authentication

From: bugtraq@seifried.org
Date: 12/18/01 

Date: Mon, 17 Dec 2001 17:23:07 -0700 (MST)
From: <bugtraq@seifried.org>
To: James Craig <jmc@cs.rit.edu>

> We are looking for a way to authenticate machines such that when
> a machine asks for an NFS mount, the server can trust it is that
> machine. I believe NIS+ can provide this, but how about kerberos,
> or DES? How would one set this up in a Solaris 8 environment?

IPSEC is another way to do this, you can do auth via passwords, X.509,
PGP, etc. Only allow NFS via the IPSEC, if the client authenticates to
IPSEC properly, voila.

> jim crag

-Kurt

Relevant Pages

  • Re: IPSec Policy Agent wont start
    ... >> explanation I have seen for this is a corrupted policy. ... >> copy of PGP Corporate Desktop installed but the VPN stuff is disabled. ... >> Oakley failed to start and IPSec driver failed to start. ... >PGPNet install disables the Windows 2000 IPsec client. ...
    (microsoft.public.win2000.security)
  • Re: IPSec Policy Agent wont start
    ... > explanation I have seen for this is a corrupted policy. ... > copy of PGP Corporate Desktop installed but the VPN stuff is disabled. ... Windows 2000 IPsec will have problems if another IPsec service ... PGPNet install disables the Windows 2000 IPsec client. ...
    (microsoft.public.win2000.security)
  • Re: PGP causes IPSec to become inoperable
    ... What do you need to use PGP for? ... Are you trying to use the VPN ... features or just the basic tools? ... IPSec services. ...
    (Security-Basics)
  • RE: PGP causes IPSec to become inoperable
    ... when you installed pgp, you installed pgpnet which overrides the ipsec ... built into win2k...reinstall pgp without pgpnet and you won`t have this ... PGP causes IPSec to become inoperable ...
    (Security-Basics)
  • Re: PGP causes IPSec to become inoperable
    ... I installed PGP freeware 7 and upon ... > reboot I received the error 'at least one service or ... I noticed IPSec was now ... Uninstalling PGP, IPSec ...
    (Security-Basics)