Client authentication question
Lukas Hejtmanek
xhejtman at ics.muni.cz
Mon Dec 10 09:52:22 EST 2007
Hello,
when using Kerberos for authentication, the client must possess krb5.keytab to
be able to mount NFS volume from the server with krb extensions. However, the
krb5.keytab is bound with the client IP and hostname. In such a case, the
client may not migrate to another network (where he gets another IP and
invalides krb5.keytab from the previous network). Is this a desired feature or
something that should work (I mean the migration).
Regarding the migration - I do not need live migration with mounted file
system, I just want to be able to mount the share in any network from my home
NFS server. Is there any solution for this if I want the kerberos
authentication?
--
Lukáš Hejtmánek
More information about the NFSv4
mailing list