Host based authentication

Mike Eisler email2mre-linuxv4 at yahoo.com
Thu Apr 19 18:16:16 EDT 2007


> There's an interesting slide from 
> http://nasconf.com/pres03/eisler.pdf 
> that refers to this lack:
> 
>        " In hindsight, NFS ...
> 
>       • at mount time should have authenticated to
>          server via per-host passwords (Kerberos
>          would have followed)"
> 

As the presenter of that slide, let me give you context.
Doing that in 1984 would have been a wonderful thing.
It would have made NFS authentication with SMB (aka CIFS) through
most of the 1980s and 1990s. But things are different now,
and host-based security is not sufficient ...

> Think how much easier that would be than explaining TGTs, 
> kinit, and the 
> mysteries of PAM to your users (or trying to decipher the 
> mysteries of 
> PAM yourself), and what a big step up over AUTH_SYS that 
> would have been 
> too.

... your point is taken but keep in mind that Microsoft proved
with the delivery of Windows 2000 that all that Kerberos and
authentication jargon did not need to be explained to produce
a CIFS client and server with user-based authentication.

There's no reason, aside from inertia, that prevents Linux
from having as transparent a Kerberos experience as Windows.

And I see that Brent is chiming in, so he'll probably tell you
that he'll pull all this off in OSX. :-)




