First login doesn't mount NFS automounted home directory

Kyle McDonald kjm at coe.neu.edu
Thu Nov 5 20:52:05 GMT 1998 

Hi,

    Are you using the -secure option on the NFS mount?
    This enables Secure RPC's and requires that the KeyServer
    on the UNIX machine have the users credentials cached.
    Secure RPC's are available by default if you are using NIS+
    But NFS won't use them unless the disk is (both?) exported
    and/or mounted with the -secure option.

    The keyserver caches the credentials when they are
    passed to it by either keylogin, login, or dtlogin which
    unencrypt them using the users password. If these programs
    aren't run (or don't have access to the password) then
    they are unable to unencrypt the credentials and store
    them in the keyserver.

    I'm guessing that the reason it works after the user logs
    in is that login or dtlogin, have unencrypted them, and passed
    them on to the keyserver which will then store them until
    it dies (i.e. reboots)

    I have this problem in several non-samba places. And from
    what you've told me I will have it again with samba when
    I try to start using it for more things.

    The keyserver api is pretty well documented (and simple.)
    If Samba has access to the plain-text password, it could
    make all the same calls to the keyserver that keylogin
    does.

    I have hacked keylogin for my own purposes already ( being
    and .edu has it's advantages -> Solaris source code.)
    It's really a pretty simple program. I just don't know if
    Samba will have the clear text password under all the
    required circumstances.

    The quick fix is to not do the NFS mounts with the -secure
    option.

        -Kyle


--
                                   _
-------------------------------ooO( )Ooo-------------------------------
Kyle J. McDonald                 (o o)                 Systems Analyst/
Northeastern University          |||||          Applications Programmer
College of Engineering                          email:  kjm at coe.neu.edu
360 Huntington Ave. 230SN        \\\//          voice:    (617)373-3361
Boston MA 02115                  (o o)            fax:    (617)373-8504
-------------------------------ooO(_)Ooo-------------------------------

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba-ntdom mailing list