System Administration Guide: Security Services

Procedure: How to Share NFS Files With Diffie-Hellman Authentication

This procedure protects shared file systems on an NFS server by requiring authentication for access.

Before You Begin

Diffie-Hellman public key authentication must be enabled on the network. To enable authentication on the network, do one of the following:

  1. Become superuser or assume a role that includes the System Management profile.

    The System Administrator role includes the System Management profile. To create the role and assign the role to a user, see Configuring RBAC (Task Map).

  2. On the NFS server, share a file system with Diffie-Hellman authentication.


    # share -F nfs -o sec=dh /filesystem
    

    where filesystem is the file system that is being shared.

    The -o sec=dh option means that AUTH_DH authentication is now required to access the file system.

  3. On an NFS client, mount a file system with Diffie-Hellman authentication.


    # mount -F nfs -o sec=dh server:filesystem mount-point
    
    server
        Is the name of the system that is sharing filesystem.

    filesystem
        Is the name of the file system that is being shared, such as opt.

    mount-point
        Is the name of the mount point, such as /opt.

    The -o sec=dh option mounts the file system with AUTH_DH authentication.
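
To confirm that every NFS share on a server really requires AUTH_DH, the share commands can be audited. The following is an added example, not part of this guide: it assumes the share commands are kept one per line, as in /etc/dfs/dfstab, that a line without -F is an NFS share, and that several modes can be listed as sec=mode:mode as described in share_nfs(1M). The function name audit_dh_shares and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample share commands (not taken from a real system).
SAMPLE_DFSTAB='# sample dfstab-style entries
share -F nfs -o sec=dh /export/secure
share -F nfs -o rw /export/home
share -F nfs -o sec=dh:sys,rw /export/mixed
share -F nfs -o sec=dh,rw,sec=sys,ro /export/split
share -F nfs -o sec=dh,rw=clientA -d "project data" /export/proj
share -F smb -o rw /export/smb'

# audit_dh_shares (hypothetical helper): reads share command lines on stdin
# and prints one line for each NFS share that can be accessed without AUTH_DH.
audit_dh_shares() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    $1 != "share"            { next }        # only audit share commands
    {
        fstype = "nfs"; opts = ""; path = $NF   # the pathname is the last word
        for (i = 2; i < NF; i++) {
            if ($i == "-F") fstype = $(i + 1)
            if ($i == "-o") opts = $(i + 1)
        }
        if (fstype != "nfs") next

        seen = 0; bad = ""
        n = split(opts, o, ",")
        for (j = 1; j <= n; j++) {
            if (o[j] !~ /^sec=/) continue
            seen = 1
            # sec=dh:sys lists two modes; any mode other than dh weakens the share
            m = split(substr(o[j], 5), modes, ":")
            for (k = 1; k <= m; k++)
                if (modes[k] != "dh")
                    bad = bad (bad == "" ? "" : ",") modes[k]
        }
        if (!seen)          print path ": no sec= option, AUTH_DH not required"
        else if (bad != "") print path ": sec= also allows " bad
    }'
}

# Stand-alone run on the constructed sample.
printf '%s\n' "$SAMPLE_DFSTAB" | audit_dh_shares
```

On a server, feed the function the real file instead of the sample, for example `audit_dh_shares < /etc/dfs/dfstab`; empty output means every NFS share listed there requires sec=dh only.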