[7155] in Kerberos
Re: Athena style kerberized NFS on netbsd
daemon@ATHENA.MIT.EDU (Thor Lancelot Simon)
Fri Apr 26 00:51:39 1996
To: kerberos@MIT.EDU
Date: 26 Apr 1996 00:14:20 -0400
From: tls@panix.com (Thor Lancelot Simon)
Reply-To: tls@rek.tjls.com
In article <9604251032.AA26293@MIT.EDU>,
Greg Wohletz <greg@duke.CS.UNLV.EDU> wrote:
>We have for several years been using Athena style knfs on our
>sparc fileservers (running SunOS 4.x). By Athena style i am
>refering to the nfsid program and friends. Anyway I'm about to
>undertake porting the kernel changes into a NetBSD 1.1 kernel.
>
>Has anyone done this already, or done it on a similar system like
>FreeBSD?
There is already similar code in 4.4BSD-Lite and Lite2.
IMHO it's not in NetBSD because it's considered nearly useless -- in the
face of active TCP attacks as are becoming increasingly common today, you
need at the very least a per-RPC signature, which is often more
computationally expensive than just encrypting the whole stream in the first
place.
4.4BSD knfs is not compatible with the Athena SunOS knfs, because 4.4 knfs
works only over TCP.
If you're interested in doing a *useful* knfs implementation, I could probably
point you at some people who have attacked it in the past.
--
Thor Lancelot Simon tls@panix.COM
If you're looking for a patsy, why not try the entire human race?
