Configuring Kerberos NFS Servers
NFS services use UNIX user IDs (UIDs) to identify a user and cannot directly use GSS credentials. To translate the credential to a UID, you might need to create a credential table that maps user credentials to UNIX UIDs. For information about the default credential mapping, see Map GSS Credentials to UNIX Credentials. The procedures in this section focus on the tasks that are necessary to configure a Kerberos NFS server, to administer the credential table, and to initiate Kerberos security modes for NFS-mounted file systems. The following task map describes the tasks that are covered in this section.
Table 4-6 Configuring Kerberos NFS Servers Task Map
|
|
|
|
Configure a Kerberos NFS server.
|
Enables a server to share a file system that requires Kerberos authentication.
|
|
|
Create a credential table and modify it.
|
Creates a credential table for mapping GSS credentials to UNIX UIDs when the default mapping is not sufficient, then adds an entry.
|
|
|
Map user credentials from another realm to UNIX UIDs.
|
Updates information in the credential table.
|
|
|
Create credential mappings between two like realms.
|
Maps UIDs from one realm to another where the realms share a password file.
|
|
|
Share a file system with Kerberos authentication.
|
Shares a file system with security modes so that Kerberos authentication is required.
|
|
|