Daniel121272@gmx.de wrote:
Dear List,
we use nfs to export a file-system of a file-server.
That's nice. We too.
But there is no authentification of the importing computer, so everyone in our subnet could give themself a valid IP and has acess to all files.
You're _REALLY_ in trouble if you let users in your net play with IPs and configurations. This is a very common mistake. Please be more restrictive and do not let users change anything. This is the real security.
I know, there is snfs (nfs via ssh-tunnel), but as far as I know not in SuSE?
How about make a query in Google? ;-)
My question: Is there any version of nfs or a comparable service with a secure authentification in the SuSE-packet? Or are there any other suggestions as alternative?
Thank you, Dani.
Other user suggested SMB, but this is the same problem since they can forge users and IPs in your net. Once again: A- Don't let users play with net config - a good solution is DHCP, you can assign IPs agains MAC addresses B- Do a search on Google. Best Regards -- [--------------------------------------------------------------------] [ Prof. Andres Augusto Nogueiras Melendez ] [ Departamento de Tecnologia Electronica - Universidad de Vigo ] [ Campus Lagoas Marcosende, 9 http://www.dte.uvigo.es ] [ 36280 - Vigo, Pontevedra mailto:andres.nogueiras@dte.uvigo.es ] [ Spain tel: +34 986 812 091 fax: +34 986 469 547 ] [--------------------------------------------------------------------]