LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-13-2015, 09:18 PM   #1
linuxmantra
Member
 
Registered: Dec 2013
Posts: 104

Rep: Reputation: Disabled
NFS Security


I would like to give access to NFS share to host 192.168.1.11 only and I made following entries
# vi /etc/exports
/common 192.168.1.11/24(rw,sync,root_squash)

# service nfs restart
# exportfs -av
# showmount -e

I have a test box with IP address of 192.168.1.5, This box can access the share. I want only 192.168.1.11 to access the content of share. ANY thoughts?
 
Old 04-13-2015, 09:24 PM   #2
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=14, FreeBSD_10{.0|.1|.2}
Posts: 3,876
Blog Entries: 1

Rep: Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998
Quote:
Originally Posted by linuxmantra View Post
I would like to give access to NFS share to host 192.168.1.11 only and I made following entries
# vi /etc/exports
/common 192.168.1.11/24(rw,sync,root_squash)

# service nfs restart
# exportfs -av
# showmount -e

I have a test box with IP address of 192.168.1.5, This box can access the share. I want only 192.168.1.11 to access the content of share. ANY thoughts?
So, why did you put /24?

192.168.1.11/24 = 192.168.1.0 through 192.168.1.255.

To limit it to 192.168.1.11, simply use 192.168.1.11 which is equivalent to 192.168.1.11/32.

This is called CIDR notation, you may find a quick explanation here.

Last edited by astrogeek; 04-13-2015 at 09:28 PM.
 
Old 04-13-2015, 09:48 PM   #3
linuxmantra
Member
 
Registered: Dec 2013
Posts: 104

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by astrogeek View Post
So, why did you put /24?

192.168.1.11/24 = 192.168.1.0 through 192.168.1.255.

To limit it to 192.168.1.11, simply use 192.168.1.11 which is equivalent to 192.168.1.11/32.

This is called CIDR notation, you may find a quick explanation here.
You are awesome. I tried above example which was given in book. I followed what you said and it works perfectly.

# mount.nfs4 192.168.1.9:/common /mymount
mount.nfs4: access denied by server while mounting (null)

THank you very much
 
Old 04-13-2015, 09:51 PM   #4
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=14, FreeBSD_10{.0|.1|.2}
Posts: 3,876
Blog Entries: 1

Rep: Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998Reputation: 1998
You are welcome!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] NFS security ursusca Linux - Security 4 10-09-2009 07:35 AM
Samba vs. NFS - security govert Linux - Security 6 07-15-2009 09:18 PM
NFS server security jkmreyes Linux - Server 1 03-12-2008 11:24 PM
nfs security problems asyed25 Linux - Security 0 07-19-2007 06:35 AM
NFS security with /etc/hosts.deny supernode Linux - Security 8 10-22-2005 10:51 AM


All times are GMT -5. The time now is 06:48 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration