Re: NFS4 kerberos

2017-08-02 Thread Rick Stevens
On 08/02/2017 08:14 AM, Louis Garcia wrote: > On Tue, Aug 1, 2017 at 9:36 PM, Rick Stevens > wrote: > > On 08/01/2017 06:06 PM, Louis Garcia wrote: > > should I have SECURE_NFS=yes in /etc/sysconfig/nfs ? > > We kind of dislike top-posting on the list. N

Re: NFS4 kerberos

2017-08-02 Thread Louis Garcia
On Tue, Aug 1, 2017 at 9:36 PM, Rick Stevens wrote: > On 08/01/2017 06:06 PM, Louis Garcia wrote: > > should I have SECURE_NFS=yes in /etc/sysconfig/nfs ? > > We kind of dislike top-posting on the list. No biggie, but try to > refrain from top-posting if you can. > > As to your problem, the firs

Re: NFS4 kerberos

2017-08-01 Thread Rick Stevens
On 08/01/2017 06:06 PM, Louis Garcia wrote: > should I have SECURE_NFS=yes in /etc/sysconfig/nfs ? We kind of dislike top-posting on the list. No biggie, but try to refrain from top-posting if you can. As to your problem, the first thing is to add "debug true" to /etc/gssproxy/99-nfs-client.conf

Re: NFS4 kerberos

2017-08-01 Thread Louis Garcia
should I have SECURE_NFS=yes in /etc/sysconfig/nfs ? On Tue, Aug 1, 2017 at 7:35 PM, Louis Garcia wrote: > Does this have anything todo with gssproxy on the client? I did not know I > had to configure that. > > On Tue, Aug 1, 2017 at 7:20 PM, Louis Garcia wrote: > >> I found this on the client

Re: NFS4 kerberos

2017-08-01 Thread Louis Garcia
Does this have anything todo with gssproxy on the client? I did not know I had to configure that. On Tue, Aug 1, 2017 at 7:20 PM, Louis Garcia wrote: > I found this on the client. > > gssproxy[661]: gssproxy[672]: (OID: { 1 2 840 113554 1 2 2 }) Unspecified > GSS failure. Minor code may provide

Re: NFS4 kerberos

2017-08-01 Thread Louis Garcia
I found this on the client. gssproxy[661]: gssproxy[672]: (OID: { 1 2 840 113554 1 2 2 }) Unspecified GSS failure. Minor code may provide more information, No credentials cache found gssproxy[672]: (OID: { 1 2 840 113554 1 2 2 }) Unspecified GSS failure. Minor code may provide more information, N

Re: NFS4 kerberos

2017-08-01 Thread Rick Stevens
On 08/01/2017 03:24 PM, Louis Garcia wrote: > I've setup a kdc server and I'm able to kinit from my client and get a > ticket for ssh, nfs. I'm noticing nfs slow to mount, and disconnects > randomly when mounted with sec=krb5p. When I mount insecurely this does > not happen. I read that this has to

NFS4 kerberos

2017-08-01 Thread Louis Garcia
I've setup a kdc server and I'm able to kinit from my client and get a ticket for ssh, nfs. I'm noticing nfs slow to mount, and disconnects randomly when mounted with sec=krb5p. When I mount insecurely this does not happen. I read that this has to do with gss but have not found a solution. thanks.