Re: [Users] Best practice for securing oVirt's NFS mounts

to not trust any LAN resource without strong authentication mechanisms. Am 11.03.2014 18:23, schrieb Prakash Surya: Is the best option to just limit access to these NFS exports to the IP addresses of the hypervisor nodes (and maybe the engine)? -- Mit freundlichen Grüßen / Regards Sven

Re: [Users] Best practice for securing oVirt's NFS mounts

On Wed, Mar 12, 2014 at 11:05:34AM +0100, Jiri Belka wrote: On Tue, 11 Mar 2014 10:23:19 -0700 Prakash Surya sur...@llnl.gov wrote: Hi, All the documentation I've seen states that the oVirt NFS storage should use the all_squash,anonuid=36,anongid=36 options. Obviously this isn't

[Users] Best practice for securing oVirt's NFS mounts

Hi, All the documentation I've seen states that the oVirt NFS storage should use the all_squash,anonuid=36,anongid=36 options. Obviously this isn't secure, so I'm curious how others have locked down their NFS storage? Is the best option to just limit access to these NFS exports to the IP