Kerberized NFS Vs NFS over VPN tunnel
san_patil at hotmail.com
Sun Mar 6 23:15:18 EST 2011
I have been a big fan of Kerberos and kerberized NFS. While Kerberized NFS provides granular per message encryption (krb5p, krb5i etc) between the kerberized NFS client and kerberized NFS server (per mount basis), what would be the additional advantages of deploying kerberized NFS infrastructure as opposed to having VPN tunnel between the NFS client and NFS server?
In other words does a VPN tunnel between NFS client system and NFS server system override the need to have a kerberized NFS infrastructure ?
Any valued thoughts will help understand this choices a real-time deployment can make.
More information about the krbdev