LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page NFSv4 and Kerberos with user's ticket.
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 11-10-2013, 02:51 PM   #1
arizonagroovejet
Senior Member
 
Registered: Jun 2005
Location: England
Distribution: openSUSE, Fedora, CentOS
Posts: 1,094

Rep: Reputation: 198Reputation: 198
NFSv4 and Kerberos with user's ticket.

I'm looking at implemented Kerberos authenticated NFSv4 mounting of home directories on some Linux machines I look after. It's complicated both by my not really knowing very much about Kerberos and by my not having control over the NFS server of KDC, I have to get other people to do those bits.

I have the Linux machines set up so that users are authenticated with Kerberos and I'm wondering, can I use the user's ticket for authenticating to the NFS sever to mount their home directory when they log in?

Every guide I've found talks about creating principles for every client and adding stuff to the krb5.keytab on each client. Making a separate principle for every client seems like it's going to be a real pain. Not just generating stuff for and distributing to all the machines that are already set up, but having to create one every time a new machine is set up. (I need the set up of each new machine to be almost monkey can do it simple.) The Ubuntu guide to NFSv4 at https://help.ubuntu.com/community/NFSv4Howto says, in bold, "...the server gives access to users with a valid kerberos ticket only." Users. Not clients, users. Yet when I read the rest of the guide to setting up NFS with Kerberos it seems to be describing a set up where the server grants access to clients with a valid ticket, not users.
 
Old 11-11-2013, 05:01 AM   #2
vishesh
Member
 
Registered: Feb 2008
Distribution: Fedora,RHEL,Ubuntu
Posts: 661

Rep: Reputation: 66
In Kerberos each application (service) and client (machine) need to have principal along with users.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Automounting Windows Share using user's kerberos ticket 0ddba11 Linux - Server 18 01-12-2011 09:33 AM
NFSv4 with Kerberos 5 Authentication Troubleshooting rdibley Linux - Networking 2 10-29-2009 09:40 AM
Problem for get ticket from kerberos aspenbr Linux - Networking 1 08-11-2009 10:44 AM
Problem in get ticket with Kerberos aspenbr Linux - Software 0 08-11-2009 04:24 AM
Samba Kerberos Ticket sindri Linux - Software 0 11-24-2004 01:10 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 08:14 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration