From owner-freebsd-questions@FreeBSD.ORG Fri Jul 6 17:22:25 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9B443106566B for ; Fri, 6 Jul 2012 17:22:25 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) by mx1.freebsd.org (Postfix) with ESMTP id 522608FC1E for ; Fri, 6 Jul 2012 17:22:25 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1SnCEZ-00054R-Ba for freebsd-questions@freebsd.org; Fri, 06 Jul 2012 19:22:23 +0200 Received: from cpc3-walt15-2-0-cust148.13-2.cable.virginmedia.com ([86.21.186.149]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 06 Jul 2012 19:22:23 +0200 Received: from walterhurry by cpc3-walt15-2-0-cust148.13-2.cable.virginmedia.com with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 06 Jul 2012 19:22:23 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-questions@freebsd.org From: Walter Hurry Date: Fri, 6 Jul 2012 17:22:12 +0000 (UTC) Lines: 48 Message-ID: References: <20120706164202.GA59409@neutralgood.org> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: cpc3-walt15-2-0-cust148.13-2.cable.virginmedia.com User-Agent: Pan/0.135 (Tomorrow I'll Wake Up and Scald Myself with Tea; GIT 30dc37b master) Subject: Re: NFS mount error: RPCPROG_MNT: RPC: Authentication error; why = Client credential too weak X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jul 2012 17:22:25 -0000 On Fri, 06 Jul 2012 12:42:02 -0400, kpneal wrote: > On Fri, Jul 06, 2012 at 04:03:27PM +0000, Walter Hurry wrote: >> I am running FreeBSD 9.0-RELEASE (64 bit), with a VirtualBox VM also >> running the same. >> >> On the host I am running NFS server: >> >> $ showmount -e Exports list on localhost: >> /usr/home Everyone >> >> But when I try to mount is on the client (the VM guest) I get this: >> >> # mount xxxxxx:/usr/home /mnt [tcp] xxxxxx:/usr/home: RPCPROG_MNT: RPC: >> Authentication error; why = Client credential too weak # >> >> On the server, in /var/log/messages I see this: >> >> mountd[29140]: mount request from nnn.nnn.nnn.nnn from unprivileged >> port >> >> So I infer that the 'unprivileged port' bit is the problem. > > That's odd. At 8.2 the documentation (man page) on mount_nfs says that > reserved ports are the default. I'd be surprised if 9.0 was different. > *shrug* > > Try running mountd with the "-n" option. If I understand the man page > then it allows mountd to accept mounts from port numbers less than 1024. > Note that the mountd protocol is distinct from the NFS protocol and so > rpcinfo can't really tell you anything about mountd. Thanks. Yes, the mount worked fine on the client when the server mountd was started with the "-n" option. That leads me to two more questions: Why would mount_nfs be using an unprivileged port by default? As far as I can see from "man mount_nfs" the only relevant option would be (section of manpage reformatted for convenience): port=⟨port_number⟩ Use specified port number for NFS requests. The default is to query the portmapper for the NFS port. I'm afraid that due to my lack of knowledge in this area, that doesn't mean a lot to me. Are there security implications in using an "unprivileged port"?