[luau] (Secure) NFS alternatives and centralized authentication?

Dustin Cross dusty at sandust.com
Wed May 29 10:26:01 PDT 2002


Aloha,

   You could check out:

OpenAFS - http://www.openafs.org/

or

Global File System - http://www.sistina.com/products_gfs.htm $$$$$
The guy that started this project in college has stoped using the GPL and
started his own company.  OpenGFS (http://www.opengfs.org) took the GPL
code and has continued development.  I was talking to EMC about GFS a
couple years ago and it sounded great.


Dusty


> I've been using NFS on my LAN for a while, but that's a totally
> unacceptable solution for anything but completely trusted networks.
> Also, SunRPC doesn't exactly have the greatest track record in terms of
>  security.  Are there any alternatives to NFS that behave in a similar
> fashon (just mount them and they're there as though they were local
> filesystems) that are a bit more secure (possibly offering some form of
>  authentication in addition to just trusting the host, possibly
> enforcing  some form of user rights so a person can't own a single
> system and  pretend to be any user they want, etc)?
>
> I'm looking to implement part of a Linux based lab where I can either
> dynamically mount each user's home directory when they log in (this is
> against a Novell 5 server) or I could possibly mount the whole homes
> tree, but that wouldn't work very well (see earlier comment about a
> local compromise leading to full rights on the network).
>
> I'm also looking for ways to authenticate against a central directory
> (Novell NDS in this case, but I might also want to do some of this at
> home where I don't run Novell).
>
> Warren, I'm pretty sure you have some experience with this; care to
> share? :)
>
> --MonMotha
>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau






More information about the LUAU mailing list