z/OS Network File System Guide and Reference
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Mount point establishment

z/OS Network File System Guide and Reference
SC23-6883-00

When a security flavor is not specified for an NFS V4 mount, the z/OS NFS client queries the supported security flavors on the NFS server using the SECINFO operation. The z/OS NFS client chooses a security flavor returned by the server based on the following order of preference:
sys
System Authentication
krb5
Kerberos V5 security providing integrity protection on the RPC header
krb5i
Kerberos V5 security providing integrity protection on the RPC header and the RPC data
krb5p
Kerberos V5 security providing encryption protection on the RPC data and integrity protection on the RPC header

The chosen security flavor serves as the designated flavor for the NFS client for all future accesses to this mount point.

The following should be noted with regards to Security Negotiation during mount point establishment:

  1. Security Negotiation during mount is not done when a security flavor is specified in the secure keyword.
  2. During mount when datacaching is specified and a security negotiation was attempted, Datacaching is turned off.
Parent topic: Security negotiation

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014