NFS4 and remote access
Ian Grant
Ian.Grant at cl.cam.ac.uk
Wed Apr 18 04:51:21 EDT 2007
Dear List,
We are wondering how we can best allow remote ssh access to our users
if their home directories are mounted using NFSV4 with kerberos
authentication.
We currently try hard not to expose user passwords to remote systems.
So we only allow ssh access using one-time passwords or public keys.
If we were to set up ssh so that users could connect using public keys,
we would like them to be able to authenticate themselves to NFS without
exposing their kerberos key. One idea is to have them use a one-time
password to get credentials via a keytab, but securely managing the
keytabs would be a problem.
Does anyone have a better idea? I would be interested to hear.
Ian
More information about the NFSv4
mailing list