[luau] (Secure) NFS alternatives and centralized authentication?
Dustin Cross
dusty at sandust.com
Wed May 29 10:26:01 PDT 2002
Aloha,
You could check out:
OpenAFS - http://www.openafs.org/
or
Global File System - http://www.sistina.com/products_gfs.htm $$$$$
The guy that started this project in college has stoped using the GPL and
started his own company. OpenGFS (http://www.opengfs.org) took the GPL
code and has continued development. I was talking to EMC about GFS a
couple years ago and it sounded great.
Dusty
> I've been using NFS on my LAN for a while, but that's a totally
> unacceptable solution for anything but completely trusted networks.
> Also, SunRPC doesn't exactly have the greatest track record in terms of
> security. Are there any alternatives to NFS that behave in a similar
> fashon (just mount them and they're there as though they were local
> filesystems) that are a bit more secure (possibly offering some form of
> authentication in addition to just trusting the host, possibly
> enforcing some form of user rights so a person can't own a single
> system and pretend to be any user they want, etc)?
>
> I'm looking to implement part of a Linux based lab where I can either
> dynamically mount each user's home directory when they log in (this is
> against a Novell 5 server) or I could possibly mount the whole homes
> tree, but that wouldn't work very well (see earlier comment about a
> local compromise leading to full rights on the network).
>
> I'm also looking for ways to authenticate against a central directory
> (Novell NDS in this case, but I might also want to do some of this at
> home where I don't run Novell).
>
> Warren, I'm pretty sure you have some experience with this; care to
> share? :)
>
> --MonMotha
>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau
More information about the LUAU
mailing list