From: Steve Dickson <SteveD@redhat.com>
To: Michael Weiser <M.Weiser@science-computing.de>
Cc: Kevin Coffman <kwc@umich.edu>, linux-nfs@vger.kernel.org
Subject: Re: NFSv4 post-1.2.2 nfs-utils client fails to mount from pre-1.2.3 nfs-utils server
Date: Tue, 20 Mar 2012 07:27:18 -0400 [thread overview]
Message-ID: <4F686996.5050108@RedHat.com> (raw)
In-Reply-To: <20120319130043.GG9020@science-computing.de>
Hello,
On 03/19/2012 09:00 AM, Michael Weiser wrote:
> Hello Kevin,
> Hello list,
>
> On Wed, Mar 14, 2012 at 02:48:29PM +0100, Michael Weiser wrote:
>
>> So the client's ticket for the server is encrypted using arcfour-hmac
>> but the session key contained therein is only des-cbc-crc.
>
>> This behaviour works so seamlessly, that I had assumed, it's intentional.
>> Are you telling me, that it is neither intended nor supported?
>
>> If so: Isn't this something we'd want to have? I accept that it's not
>> much use from an interoperability point of view but it sure simplifies
>> administration in a Linux-only environment. Doesn't this also have at
>> least some positive security impact? And as I've said, it greatly
>> simplifies Linux admins' life in an Active Directory 2008 R2+
>> environment where AD administrators will be very reluctant to change the
>> domain security policy for those obscure Linux boxes.
>
> Any thoughts on this, anyone?
The fact you are making it simpler for admins is a good thing IMHO...
>
> If nobody objects, I'd resubmit my patch to gssd with some cleanup and
> documentation.\
No, Please do...
steved.
next prev parent reply other threads:[~2012-03-20 11:27 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-12 20:02 NFSv4 post-1.2.2 nfs-utils client fails to mount from pre-1.2.3 nfs-utils server Michael Weiser
2012-03-12 20:24 ` Jim Rees
2012-03-12 21:10 ` Kevin Coffman
2012-03-12 21:57 ` Michael Weiser
2012-03-13 13:51 ` Kevin Coffman
2012-03-13 14:42 ` Michael Weiser
2012-03-13 18:53 ` Kevin Coffman
2012-03-14 13:48 ` Michael Weiser
2012-03-19 13:00 ` Michael Weiser
2012-03-20 11:27 ` Steve Dickson [this message]
2012-03-20 17:44 ` Michael Weiser
2012-03-29 14:02 ` Michael Weiser
2012-04-12 14:43 ` Steve Dickson
2012-04-12 15:49 ` Michael Weiser
2012-04-12 16:02 ` Steve Dickson
2012-04-13 12:34 ` Michael Weiser
2012-04-16 10:51 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F686996.5050108@RedHat.com \
--to=steved@redhat.com \
--cc=M.Weiser@science-computing.de \
--cc=kwc@umich.edu \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.