[36048] in Kerberos
Re: Accessing Kerberos NFS version 4 (not 2, 3) via /net automounter
daemon@ATHENA.MIT.EDU (Nico Williams)
Tue Apr 15 15:18:13 2014
MIME-Version: 1.0
In-Reply-To: <20140415184844.GA25384@oracle.com>
Date: Tue, 15 Apr 2014 14:16:56 -0500
Message-ID: <CAK3OfOj3SnNGvNbfH0qnaj4o_bFiCXvDR4tP11MVZEL2t1Ng6A@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Nico Williams <nico@cryptonector.com>, Wang Shouhua <shouhuaw@gmail.com>,
"kerberos@mit.edu" <Kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
There is nothing in NFSv4 requiring the use of any sort of client
credentials other than user credentials. However, for multi-user
clients it's important to have a credential for some session state and
for callbacks.
For single-user clients there's no need to have any device credentials
at all for NFSv4 -- if you have none then the device should use the
one user's credentials for all NFSv4 purposes.
That said, it's best practice to key all devices. Still, nothing in
NFSv4 requires such keys to be named in host-based ways.
Nico
--
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
