> NFSv4 does indeed require the full kerberos encryption stuff in the
> kernel. The RFC specifies that krb5 support is a minimum requirement, and we
> will expect to have that in 2.6 (or 3.0 or whatever it's called these
> days...)
Might this be something I can make use of for my AFS filesystem too?
David
On Oct 04, 2002 16:35 +0100, David Howells wrote:
>
> > NFSv4 does indeed require the full kerberos encryption stuff in the
> > kernel. The RFC specifies that krb5 support is a minimum requirement, and we
> > will expect to have that in 2.6 (or 3.0 or whatever it's called these
> > days...)
>
> Might this be something I can make use of for my AFS filesystem too?
We will also need kerberos for Lustre when we start implementing
security. We will be using the GSSAPI for security, so basically
the same as what AFS is using.
Cheers, Andreas
--
Andreas Dilger
http://www-mddsp.enel.ucalgary.ca/People/adilger/
http://sourceforge.net/projects/ext2resize/
>>>>> " " == David Howells <[email protected]> writes:
>> NFSv4 does indeed require the full kerberos encryption stuff in
>> the kernel. The RFC specifies that krb5 support is a minimum
>> requirement, and we will expect to have that in 2.6 (or 3.0 or
>> whatever it's called these days...)
> Might this be something I can make use of for my AFS filesystem
> too?
Possibly. Our intention is to integrate the RPCSEC_GSS security
protocol (see RFC2203) into the sunrpc code, then use krb5 as one of
the authentication flavours.
Whereas I doubt that AFS uses RPCSEC_GSS, I believe that the kerberos
code itself (+ upcall mechanism for getting user tokens etc.) could be
reused by you. I presume that you would make use of the sunrpc code
too?
Cheers,
Trond