secure NFS problem

From: Steve Holmes (sjh_at_purdue.edu)
Date: 06/15/04

  • Next message: pserrano_at_almades.com: "Re: DNS problem on Solaris X86"
    To: focus-sun@securityfocus.com
    Date: Tue, 15 Jun 2004 13:37:38 -0500
    
    

    I've been trying to use sec=dh in an experiment to evaluate the secure NFS
    feature of Solaris 9.

    I followed the instructions in the docs on docs.sun.com (created a key for
    myself and my server and ran keylogin -r as root, added sec=dh to the
    /etc/dfs/dfstab file, and ran shareall).

    When I try to mount my home directory on a client it gets an error.

     rpcsec: [ID 270986 kern.notice] NOTICE: authdes_create: unable to get client's netname: RPC: Failed (unspecified error) (error 16)

    on the client.

    I don't know what it is referring to.

    Also, I tried with and without sec=dh in the automount map on the client.
    Both ways failed.

    If I try to do a manual mount on the client I get

     error 7 (RPC: Authentication error)

    and then when I do a df or try to ls the mount point it returns "invalid
    argument".

    Can anyone give me pointers to good docs on this. We would like to
    implement this for our lab servers this summer.

    Thanks,
    Steve.

    -- 
    Steve Holmes		 \http://web.ics.purdue.edu/~sjh
    ITaP/TLT (ne ICS)	  \Email:sholmes@purdue.edu
    Purdue University	   \Phone: (765) 496-3325
    151 S Grant St.             \
    West Lafayette IN 47906-3560 \
    

  • Next message: pserrano_at_almades.com: "Re: DNS problem on Solaris X86"

    Relevant Pages

    • Re: Problems mounting nfs from freebsd to Mac.
      ... Problems mounting nfs from freebsd to Mac. ... I've got an nfs server that's refusing to mount one client - via one ... That elimintes NFS on the client, and -most- of the NFS config on the ...
      (freebsd-questions)
    • Re: recent nfs change causes autofs regression
      ... If the user asks for a new mount that is read-write, ... get it - ie we should not re-use the old client handles, ... everything needs to have the same flags), THOSE PEOPLE, who want the NEW ... or deleted on the server are now extended to also include the ...
      (Linux-Kernel)
    • Re: nfsmnthelp holding up server nfsd?
      ... client to mount a filesystem increments BADCALLS a bunch. ... the server to watch nfs request, only 1 or two nfs requests come ...
      (comp.unix.aix)
    • Re: [opensuse] cifs files always created as owner root
      ... client boxes do not have any users on them. ... I know the original poster said they were authenticated with LDAP. ... Lynn, what does a user get if they type: ... It does indeed mount all users on the local system. ...
      (SuSE)
    • Re: Another try at NFS mount.
      ... *" as a test to see if clients can mount it (trying to mount this ... First I made sure that the client and server can talk. ... Then I made sure that the NFS server is running. ...
      (Ubuntu)