Subject: | |
From: | |
Reply To: | |
Date: | Thu, 10 Nov 2005 08:50:10 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
I use the 'insecure' option on the server-side also. I've never had any
problems with any of the MacOS X's when using the insecure option. I
decided to just add 'insecure' because it's not clear to me that the
'secure ports' option provides any additional security. We are planning
on using kerberos support with NFSv4 when this becomes stable to provide
true security, as well as a general migration towards using AFS.
Remember that you'll also want to set NFSLOCKS=-NO- in the
/etc/hostconfig (on the macs) since the BSD NFS file locking is
incompatible with the Linux NFS file locking.
Greg
Sergio Ballestrero wrote:
> Brent L. Bates wrote:
>
>> Apple changed the default port used for NFS on their systems to an
>> `insecure' port(above 512?)
>
> above 1024
>
>> starting with MacOS 10.4. Before this, they used
>> a more standard port.
>
> The insecure port is also used by 10.2 and 10.3 when the NFS mount is
> done by a (non-super) user. I don't remember about 10.1.
> An alternative solution is to use the "insecure" option for the export,
> on the server. With the security concerns that this implies.
>
> Cheers, Sergio
>
--
Gregory Harris
Network Specialist
Department of Mathematics
The University of Kansas
[log in to unmask]
(785) 864-7311
|
|
|