From: Michael Weiser <M.Weiser@science-computing.de>
To: Kevin Coffman <kwc@umich.edu>
Cc: linux-nfs@vger.kernel.org
Subject: Re: NFSv4 post-1.2.2 nfs-utils client fails to mount from pre-1.2.3 nfs-utils server
Date: Mon, 19 Mar 2012 14:00:43 +0100 [thread overview]
Message-ID: <20120319130043.GG9020@science-computing.de> (raw)
In-Reply-To: <20120314134829.GA943@science-computing.de>
Hello Kevin,
Hello list,
On Wed, Mar 14, 2012 at 02:48:29PM +0100, Michael Weiser wrote:
> So the client's ticket for the server is encrypted using arcfour-hmac
> but the session key contained therein is only des-cbc-crc.
> This behaviour works so seamlessly, that I had assumed, it's intentional.
> Are you telling me, that it is neither intended nor supported?
> If so: Isn't this something we'd want to have? I accept that it's not
> much use from an interoperability point of view but it sure simplifies
> administration in a Linux-only environment. Doesn't this also have at
> least some positive security impact? And as I've said, it greatly
> simplifies Linux admins' life in an Active Directory 2008 R2+
> environment where AD administrators will be very reluctant to change the
> domain security policy for those obscure Linux boxes.
Any thoughts on this, anyone?
If nobody objects, I'd resubmit my patch to gssd with some cleanup and
documentation.
Thanks,
--
Michael Weiser science + computing ag
Senior Systems Engineer Geschaeftsstelle Duesseldorf
Martinstrasse 47-55, Haus A
phone: +49 211 302 708 32 D-40223 Duesseldorf
fax: +49 211 302 708 50 www.science-computing.de
--
Vorstandsvorsitzender/Chairman of the board of management:
Gerd-Lothar Leonhart
Vorstand/Board of Management:
Dr. Bernd Finkbeiner, Michael Heinrichs,
Dr. Arno Steitz, Dr. Ingrid Zech
Vorsitzender des Aufsichtsrats/
Chairman of the Supervisory Board:
Philippe Miltin
Sitz/Registered Office: Tuebingen
Registergericht/Registration Court: Stuttgart
Registernummer/Commercial Register No.: HRB 382196
next prev parent reply other threads:[~2012-03-19 13:10 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-12 20:02 NFSv4 post-1.2.2 nfs-utils client fails to mount from pre-1.2.3 nfs-utils server Michael Weiser
2012-03-12 20:24 ` Jim Rees
2012-03-12 21:10 ` Kevin Coffman
2012-03-12 21:57 ` Michael Weiser
2012-03-13 13:51 ` Kevin Coffman
2012-03-13 14:42 ` Michael Weiser
2012-03-13 18:53 ` Kevin Coffman
2012-03-14 13:48 ` Michael Weiser
2012-03-19 13:00 ` Michael Weiser [this message]
2012-03-20 11:27 ` Steve Dickson
2012-03-20 17:44 ` Michael Weiser
2012-03-29 14:02 ` Michael Weiser
2012-04-12 14:43 ` Steve Dickson
2012-04-12 15:49 ` Michael Weiser
2012-04-12 16:02 ` Steve Dickson
2012-04-13 12:34 ` Michael Weiser
2012-04-16 10:51 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120319130043.GG9020@science-computing.de \
--to=m.weiser@science-computing.de \
--cc=kwc@umich.edu \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.