On Tue, Jun 15, 2010 at 09:07:35AM +0200, John S. Skogtvedt wrote:
sorry for my late entry to the discussion on kerberos. It's really good that you're working on it.I wonder, has anybody thought about how to implement Kerberos+NFSv4 on diskless clients?My understanding is that every workstation needs to have a "$hostname/nfs" principal in Kerberos, with a secret key. Every machine which presents a correct principal and key can read the exported filesystem, but to write to it you need to authenticate to kerberos (with a user principal). If any of this is incorrect, please correct me.As the diskless filesystem is (by necessity) available to anyone, putting Kerberos keys for all clients there would be no more secure than NFSv3. One idea is to put the key on a HD or CF card, another is to put the encrypted keys in the chroot and prompt the admin for the password at boot. Of course, both of these suffer from the problem that the server can't be trusted (e.g. a second server on the network serving a filesystem which gathers keys and passwords).
How about this: 1) Serve (like now?) root filesystem read-only using unencrypted nfs 2) Add (like now?) local ram-based overlays to writable parts like /var 3) Authenticate using Kerberos at login time 4) Mount /home using nfs v4 - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Description: Digital signature