Re: Is there any encrypted or secure NFS?

[Antonio Rodriguez <arodriguez31@cfl.rr.com>]

On Sat, Jan 03, 2004 at 02:36:33PM -0800, Alvin Oga wrote:
> 
> > > > Antonio> What would be the best route to establish an encrypted or
> > > > Antonio> secure nfs session? I would like to be able to mount a faraway
> > > > Antonio> (debian) machine with confidence of not being observed. Any
> > > > Antonio> ideas?  Thanks.
> > > 
> > > use secure rpc
> > > use secure portmap
> > > use secure nfs
> > > use scp/ssh  --> use a good hard to guess/type passphrase
> > 
> > Isn't it possible to mount drives with ssh, so it does the scp 
> > tranparently?
> 
> regardless of method .... the basic underlying nfs structure is insecure
> so you're supposed to replace the insecure portmap, rpc services with
> something more secure
> 	http://www.linux-sec.net/FileSystem/#NFS
> 
> 	- crackers can get into your box via nfs vulnerabilities
> 	because you have it "on" ( big problem )
> 
> 	or start on another path of coda, intermezzo, afs, ...
> 	( more fun and tricks )
> 
> 	- or even better, use an encrypted fs.. than its no longer an
> 	issue

Any pointers to encrypted fs?