nfs icon indicating copy to clipboard operation
nfs copied to clipboard

Published 20 hours ago verified publisher icon rook

Data-in-transit encryption support for NFS

Open hiteshmathur19 opened this issue 4 years ago • 1 comments

Is this a bug report or feature request?

  • Feature Request

What should the feature do: Based on - Starting NFS-V4, encryption of in-flight data is supported using TLS. NFS 4.1 supports the Kerberos authentication protocol to secure communications with the NFS server. Nonroot users can access files when Kerberos is used. Kerberos supports cryptographic algorithms that prevent unauthorized users from gaining access to NFS traffic.

Rook-ceph should also provide the data-in-transit encryption for NFS.

What is use case behind this feature: This bring security to data in transit in NFS provided by rook-ceph

hiteshmathur19 avatar Nov 12 '21 07:11 hiteshmathur19

Is this a request for the rook-nfs operator? If so, any solution would not be specific to ceph since any store can back the nfs server.

Or is this request is for rook-ceph using the CephNFS CRD, please open this issue in the rook/rook repo.

travisn avatar Nov 12 '21 15:11 travisn