Chapter 4. RPC Authentication
How does an RPC service like NFS identify a client? Is the client’s hostname sufficient if multiple users can log into the client computer? RPC authentication addresses this problem. It allows the server to identify the sender of each RPC request, which we will further refer to as a principal. A principal may identify some service on a client computer (such as a superuser or administrator) or a person (e.g., Bob or Alice).
This chapter describes several types of authentication credentials. By far the most commonly used for NFS is the easy-to-use but notoriously insecure AUTH_SYS credential. The secure Diffie-Hellman and Kerberos credentials are much less commonly used because they are more difficult to implement ...
Get NFS Illustrated now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
