[2757] in Kerberos
Re: Kerberized NFS...
daemon@ATHENA.MIT.EDU (Jon A. Rochlis)
Wed Jul 21 09:42:32 1993
To: cmetz@bdmserver.mcl.bdm.com (Craig Metz)
Cc: kerberos@Athena.MIT.EDU
In-Reply-To: Your message of "Tue, 20 Jul 1993 19:24:49 EDT."
Date: Wed, 21 Jul 1993 09:28:14 -0400
From: "Jon A. Rochlis" <jon@GZA.COM>
Is there any documentation (other than UTSL on the diffs) on the
Kerberized NFS server changes?
Well, you can look at the appendix to the Kerberos Usenix paper.
(/pub/kerberos/doc/usenix.{PS,txt} via anonymous ftp from
athena-dist.mit.edu). It's not a protocol specification, but it is a
good explaination of why and how it works. Note that Athena has
migrated to AFS for almost all of it's remote filesystem access.
I'm considering porting the Linux NFS
server daemon (all-user mode, all free code) to a few other platforms
for Kerberizing NFS. For some sites, like mine, the performance loss
and extra CPU overhead may be justified...
What performance loss and CPU overhead? The Athena Kerberized NFS on
authenticates at mount time. That cost is minimal. To do more would
have required client side kernel changes which we really didn't want
to do (in 1987).
-- Jon
