Date: Tue, 20 Feb 2001 16:14:23 -0800 From: lists <lists@lists.grot.org> To: Kris Kennaway <kris@FreeBSD.ORG> Cc: freebsd-security@freebsd.org Subject: Re: Encrypted networked filesystem needed Message-ID: <20010220161423.A34880@mighty.grot.org> In-Reply-To: <20010112174616.D23818@citusc.usc.edu>; from kris@FreeBSD.ORG on Fri, Jan 12, 2001 at 05:46:16PM -0800 References: <00aa01c07cbd$71209dc0$0c00a8c0@ipform.ru> <Pine.LNX.4.30.0101122013350.25136-100000@jamus.xpert.com> <20010112174616.D23818@citusc.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jan 12, 2001 at 05:46:16PM -0800, Kris Kennaway wrote: > On Fri, Jan 12, 2001 at 08:22:58PM +0200, Roman Shterenzon wrote: > > > If IPSec is supported on both sides, it is the best available solution. > > You'll get a completely transparent encryption and a powerful NFSv3 > > server/client. Did I mention that FreeBSD rocks? > > This way all network services will be secured and since the most of IPSec > > (AH/ESP) is done in the kernel mode, it'll be quite fast even on > > moderate hardware. > > Unfortunately I think there are some layering bugs with NFS + IPSEC on > FreeBSD - I have had lots of NFS filesystem wedges when testing this. Is there an open pr on this or has it been fixed/addressed in 4.2-STABLE? I've been trying it and it has worked for 24+ hours without problems (albeit very low NFS traffic) as long as I don't use racoon... Thanks, Adi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010220161423.A34880>