Re: [ceph-devel] Ceph Authentication and Authorization

On Fri, 14 Aug 2009, Adam Lewis wrote: > Sage, > > > I suspect most users will be satisfied with the ability to delegate trust to > > (root on) a client host mounting the fs, as they're accustomed to doing > > with NFS. > > Don't assume that I'm satisfied with anything I'm accustomed to doing > w

Re: [ceph-devel] Ceph Authentication and Authorization

Sage, > I suspect most users will be satisfied with the ability to delegate trust to > (root on) a client host mounting the fs, as they're accustomed to doing > with NFS. Don't assume that I'm satisfied with anything I'm accustomed to doing with NFS ;) Okay, back to lurking. Adam On Fri, Aug

Re: [ceph-devel] Ceph Authentication and Authorization

Hi Ethan! On Fri, 14 Aug 2009, Ethan L. Miller wrote: > Andrew Leung, Stephanie Jones, and I designed a protocol to do this in > 2007. You should look at the paper we wrote: > This protocol deals primarily with the problem of authorizing clients t

Re: [ceph-devel] Ceph Authentication and Authorization

Andrew Leung, Stephanie Jones, and I designed a protocol to do this in 2007. You should look at the paper we wrote: The protocol we designed used the MDS to hand out keys, and supported group authentication as well as expiring keys with group ren

[ceph-devel] Ceph Authentication and Authorization

We're currently working on an authentication module for ceph. This will allow us both keeping the cluster secured internally, as no bad servers will be able to join the cluster, and both externally. E.g., only permitted clients will be able to do certain specified operations. This is just a rough d