Re: Is there any encrypted or secure NFS?
On Sat, Jan 03, 2004 at 02:36:33PM -0800, Alvin Oga wrote:
>
> > > > Antonio> What would be the best route to establish an encrypted or
> > > > Antonio> secure nfs session? I would like to be able to mount a faraway
> > > > Antonio> (debian) machine with confidence of not being observed. Any
> > > > Antonio> ideas? Thanks.
> > >
> > > use secure rpc
> > > use secure portmap
> > > use secure nfs
> > > use scp/ssh --> use a good hard to guess/type passphrase
> >
> > Isn't it possible to mount drives with ssh, so it does the scp
> > tranparently?
>
> regardless of method .... the basic underlying nfs structure is insecure
> so you're supposed to replace the insecure portmap, rpc services with
> something more secure
> http://www.linux-sec.net/FileSystem/#NFS
>
> - crackers can get into your box via nfs vulnerabilities
> because you have it "on" ( big problem )
>
> or start on another path of coda, intermezzo, afs, ...
> ( more fun and tricks )
>
> - or even better, use an encrypted fs.. than its no longer an
> issue
Any pointers to encrypted fs?
Reply to: