Date: Fri, 5 Oct 2018 02:22:17 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Felix Winterhalter <felix@audiofair.de>, "freebsd-fs@freebsd.org" <freebsd-fs@freebsd.org> Subject: Re: NFSv4 Kerberos mount from Linux Message-ID: <YTOPR0101MB18200565BB9457062D3D8D85DDEB0@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <YTOPR0101MB1820A5756D172342AF441C25DDEA0@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM> References: <30f6446c-6fed-4b1e-9cae-9c417974ec46@audiofair.de>, <YTOPR0101MB1820A5756D172342AF441C25DDEA0@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
I wrote:
[stuff snipped]
Btw, if you only mounting "/testexport", you can specify the "V4:" as
"if you are only.." typo
[more stuff snipped]
>Btw, in case the Linux client is falling back on using AUTH_SYS at some po=
int
>during the mount, you could try allowing both krb5 and auth_sys by setting
>"-sec=3Dsys,krb5,krb5i,krb5p" for both of the above lines. (I'd also sugge=
st you
Oops, the syntax is "-sec=3Dsys:krb5:krb5i:krb5p" (':'s and not ','s)
And if you want to capture packets during a Linux mount attempt, you can
run this on the FreeBSD server:
# tcpdump -s 0 -w out.pcap host <client-host>
However you will want to look at out.pcap in wireshark, since it can decode=
NFS.
Good luck with it and please let us know if you learn more, rick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YTOPR0101MB18200565BB9457062D3D8D85DDEB0>