Problem with krb5 authentification, server under a NAT
Quentin Godfroy
godfroy at clipper.ens.fr
Tue Apr 22 12:19:09 EDT 2008
Hi,
I have a problem with krb5 authentification and nfsv4:
basically the server is behind a NAT which over I do not have much control.
To mount exported partitions I use socat on the NAT and redirect some TCP port
(actually 2050 because 2049 is firewalled) to the port 2049 on the server. I
can successfuly mount with auth=sys,port=2050, but I am unable to mount with
kerberos authentification. The problem seems to lie within rpc.gssd which does
not care for the port setting and tries to contact the server on port 2049.
I suppose the same could happen with nfsv{2,3} (provided the mountd port is
redirected as well)
Is this a problem you were aware of?
I suppose fixing it may require a change in the callback between the kernel
and rpc.gssd?
Regards,
Quentin Godfroy
More information about the NFSv4
mailing list