Neal Becker wrote: > I used unix/linux for many years. In the past we've used nfs. But > nfsv3 has no (useful) authentication. Anyone can setup a rogue > machine and pretend to be any uid/gid. > > I understand that nfsv4 was supposed to fix that. Looking at the > docs I could find, it appears I'll never live long enough to > understand how to set that up, and I haven't yet found the idiot's > guide to setting up nfsv4 with authentication. You need to set up a kerberos infrastructure for the authentication to work properly. Once you do, you'll have the ability to encrypt traffic as well as authenticating users. But all of your users will have to have a kerberos principal and all of your machines will also have to have their host/hostname@REALM principals extracted correctly. If you don't know kerberos you are heading for a world of pain. The closest thing to useful docs I can find is: http://www.freeipa.com/page/ConfiguringRHEL5Client but the tools used are specific to freeipa. You would need to set up a kerberos KDC first, which is documented elsewhere... > For now I'm using cifs. That's pretty sad. why? If it works... > I've glanced at afs, but there's no Fedora package. once again, AIUI afs uses kerberos for this. I have not researched this much, though. Regards, Stuart -- Stuart Sears RHC* -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list