lazlo.vii Posted November 14, 2018 Report Share Posted November 14, 2018 For a long time I have wanted a simple and secure way to deploy NFS. While there are some options such as Kerberos it's not what I would call easy to set up. This may change based on what I read here: https://tools.ietf.org/html/draft-cel-nfsv4-rpc-tls-00 I won't claim to understand a lot of what is there. If this becomes the new standard for NFS or even RPC in general could it then be possible to add USE="tls" to a later version of the packages and have it work "out of the box" with a stable and sane default config? If someone has a valid SSL/TLS cert via Let's Encrypt could that same cert be used for encrypting all of their NFS and/or RPC traffic? Thanks for putting up with my questions. Link to comment Share on other sites More sharing options...
cuantar Posted January 8, 2019 Report Share Posted January 8, 2019 the proposal has been updated: https://tools.ietf.org/html/draft-cel-nfsv4-rpc-tls-01 I like this and hope it comes to fruition. Encrypted nfs without having to engineer something using other tools (e.g. stunnel) would be great. I've had trouble getting nfs and kerberos to interact properly in my environments. Link to comment Share on other sites More sharing options...
Recommended Posts