NFS Services Administrator's Guide
Configuring and Administering NFS Services
Configuring and Administering an NFS Server
Chapter 264
root 1139 1 0 Feb 9 ? 0:00
/opt/krb5/sbin/kdcd
root 1154 1 0 Feb 9 ? 15:33
/opt/krb5/sbin/kadmind
This indicates that the Kerberos daemons are running.
5. To verify that the underlying GSS-API framework is working
properly, run the sample program /usr/contrib/gssapi/sample.
In this example, the following setup was used to run the program:
GSS-API Server Host: krbsrv39
GSS-API Client Host: krbcl145
The output generated is similar to the one displayed for the
Configuring Secure NFS server with Kerberos procedure.
6. Modify the /etc/nfssec.conf file and uncomment the entries for
krb5, krb5i, and krb5p based on the security protocol you choose.
You can decide to choose all the versions as shown in the example in
the Secure NFS server configuration.
7. To mount a directory or filesystem with the Kerberos security option,
enter the following command:
mount –o sec=<Kerberos protocol version> <svr:/dir>
</mount-point>
Where,
-o Enables you to use some of the specific options of
the share command, such as sec, async, public,
and others.
sec Enables you to specify the security mode to be
used. Specify krb5 as the kerberos protocol version.
<svr:/dir> Enables you to specify the location of the directory.
</mount-point> Enables you to specify the mount-point location
where the filesystem is mounted.
An initial ticket grant is carried out when the user accesses the
mounted filesystem.