Surprised!!! When it comes to NFS, it's a vague question but, when comparing between telnet and ssh it's not a vague question. Both the questions are related to secure or not. Why is that? -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Vladimir Zlatkin Sent: Thursday, August 31, 2006 12:26 PM To: General Red Hat Linux discussion list Subject: Re: is NFS secure ? Certainly a vague question. I think of it from the perspective of how hard is it for me to see someone else's nfs data. The answer is: very easy. Take a common scenario where many users mount their home directory via nfs, and you use root_squash. To gain access to a user's data all you need is root on a machine that can mount any home directory. Then just su - [username] and you'll have access. Some magic required, but that is pretty insecure. I've never tried nfs over ssh, but I know you can restrict the different nfs components to use a specific port instead of portmap. Therefore, it should be possible to do nfs over ssh. -Vlady Miner, Jonathan W (CSC) (US SSA) wrote: > Hi - > > Asking if something is "secure" is a pretty vague question... Whether your system is secure or not depends on how you are using it, and what level of security you need. I can't speak for NFSv4 yet. > > See the manual page for /etc/exports to learn how to restrict who can mount your filesystems, read-write or read-only, and whether the clients' root account has privs or not. > > You could even use iptables (or another firewall) to restrict clients. > > NFS does not encrypt traffic, but it might be possible to run NFS over an VPN or SSH-tunnel. > > > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx on behalf of Shekhar Dhotre > Sent: Thu 08/31/2006 08:58 AM > To: General Red Hat Linux discussion list > Cc: > Subject: RE: is NFS secure ? > > So, NFS versions before NFSv4 were not secure right ? > > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Anze Vidmar > Sent: Thursday, August 31, 2006 8:53 AM > To: General Red Hat Linux discussion list > Subject: Re: is NFS secure ? > > On Thu, 2006-08-31 at 08:48 -0400, Shekhar Dhotre wrote: > >> OK , Is NFS secure ? > NFSv4 is. > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
