[prev in list] [next in list] [prev in thread] [next in thread]
List: krbdev
Subject: Re: Kerberized NFS Vs NFS over VPN tunnel
From: Frank Cusack <frank+krb () linetwo ! net>
Date: 2011-03-08 18:24:40
Message-ID: CEF9B19B49890830BC8CAEC5 () dhcp-172-19-80-246 ! mtv ! corp ! google ! com
[Download RAW message or body]
On 3/7/11 4:15 AM +0000 sandeep patil wrote:
> In other words does a VPN tunnel between NFS
> client system and NFS server system override the need to have a
> kerberized NFS infrastructure ?
No. The two are unrelated. Even though I authenticate to the VPN
(assuming it involves user-level authentication and said authentication
is strong), if you use "insecure" NFS I can impersonate (wrt NFS) any
user at will. *That* is the problem that kerberized NFS is fixing
and VPN does not change that.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic