> Some older kernels do not support strong keys. Try adding: > allow_weak_crypto = true > to the > [libdefaults] > in /etc/krb5.conf yes. I painfully (mount only says access denied) found out this already and I use allow_weak_crypto to limit to DES. More encryption types have been introduced with kernel 2.6.39... I tried to use kernel 3.2 from squeeze-backports but this introduced new errors, thus I decided to try with 2.6 first. > Also it's not recommended to use the pseudo-root fsid=0 method for > nfs exports under Linux: > http://wiki.linux-nfs.org/wiki/index.php/Nfsv4_configuration hmm, as far as I have understood I have to: - export the root folder /exports explicitly beside the "real" exports p.ex. /exports/opt - use fsid=0 for the root folder to force version 4 of NFS What's your suggestion to improve/secure my configuration? regards knut -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
