How to set up NFS client for Kerberized access in Solaris
Alok Gore
alokgore at rediffmail.com
Mon May 3 04:45:39 EDT 2004
Hi Group,
This is Alok Gore from Bangalore India.
I was trying to set up Kerberized NFS client-server environment in my
LAN.
I am using Solaris 8 machines as NFS client/server and Linux machine
as the KDC (MIT KDC).
I installed the SEAM packages needed for the Kerberized NFS Setup on
the machine.
I am able to export a path from NFS Server with Krb5 Security mode.
#share
- /alok/1 rw ""
- /alok/2 sec=krb5 ""
I am able to mount this path from the Client machine with Krb5
Security mode.
#mount -o sec=krb5 nfs-alok:/alok/2 /nfs
#mount
/nfs on nfs-alok:/alok/2 remote/read/write/setuid/sec=krb5/dev=2e40006
on Mon May 3 09:02:27 2004
But I can't access/list the mounted directory. It says permission
denied.
#ls /nfs
/nfs: Permission denied
I have the nfs.server-hostname at REALM-NAME principal for the nfs server
in KDC and I have the keytab file containing this principal on the
server. The KDC also has a principal root.client-hostname at REALM-NAME
for client. Am I missing something ?
I am not seeing any traffic on the wire when I get this permission
denied message. (May be the client decides locally that it does not
have enough rights to authenticate itself to NFS Server)
Is it because I am using MIT KDC ??
Thanks in advance,
-Alok Gore.
More information about the Kerberos
mailing list