This procedure protects shared file systems on an NFS server by requiring authentication for access.
Diffie-Hellman public key authentication must be enabled on the network. To enable authentication on the network, do one of the following:
Become superuser or assume a role that includes the System Management profile.
The System Administrator role includes the System Management profile. To create the role and assign the role to a user, see Configuring RBAC (Task Map).
On the NFS server, share a file system with Diffie-Hellman authentication.
# share -F nfs -o sec=dh /filesystem |
where filesystem is the file system that is being shared.
The -o sec=dh option means that AUTH_DH authentication is now required to access the file system.
On an NFS client, mount a file system with Diffie-Hellman authentication.
# mount -F nfs -o sec=dh server:filesystem mount-point |
Is the name of the system that is sharing filesystem
Is the name of the file system that is being shared, such as opt
Is the name of the mount point, such as /opt
The -o sec=dh option mounts the file system with AUTH_DH authentication.