Date: Fri, 5 Oct 2018 02:22:17 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Felix Winterhalter <felix@audiofair.de>, "freebsd-fs@freebsd.org" <freebsd-fs@freebsd.org> Subject: Re: NFSv4 Kerberos mount from Linux Message-ID: <YTOPR0101MB18200565BB9457062D3D8D85DDEB0@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <YTOPR0101MB1820A5756D172342AF441C25DDEA0@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM> References: <30f6446c-6fed-4b1e-9cae-9c417974ec46@audiofair.de>, <YTOPR0101MB1820A5756D172342AF441C25DDEA0@YTOPR0101MB1820.CANPRD01.PROD.OUTLOOK.COM>
index | next in thread | previous in thread | raw e-mail
I wrote:
[stuff snipped]
Btw, if you only mounting "/testexport", you can specify the "V4:" as
"if you are only.." typo
[more stuff snipped]
>Btw, in case the Linux client is falling back on using AUTH_SYS at some point
>during the mount, you could try allowing both krb5 and auth_sys by setting
>"-sec=sys,krb5,krb5i,krb5p" for both of the above lines. (I'd also suggest you
Oops, the syntax is "-sec=sys:krb5:krb5i:krb5p" (':'s and not ','s)
And if you want to capture packets during a Linux mount attempt, you can
run this on the FreeBSD server:
# tcpdump -s 0 -w out.pcap host <client-host>
However you will want to look at out.pcap in wireshark, since it can decode NFS.
Good luck with it and please let us know if you learn more, rick
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YTOPR0101MB18200565BB9457062D3D8D85DDEB0>