使用 krb5 安全性的 NFSv4 挂载失败,并显示 "access denied b 服务器 " ,因为加密不受支持
适用场景
- ONTAP 9
- NFSv4
- Kerberos
问题描述
- 在使用的NFSv4挂载上
sec=krb5
,挂载失败access denied by server while mounting nfs-svm.example.com:/nfs_krb5_mnt
- 使用
sec=sys
成功挂载NFSv4。 - ONTAP 报告此问题、如下所示:
Cluster1::> event log show -node node1 -message-name secd*
Time Node Severity Event
------------------- ---------------- ------------- ---------------------------
5/9/2021 14:09:51 node1 ERROR secd.nfsAuth.problem: vserver (svm01) General NFS authorization problem. Error: RPC accept GSS token procedure failed
[ 0 ms] Using the NFS service credential for logical interface 1030 (SPN='nfs/xxxxxxxxx') from cache.
**[ 1] FAILURE: Failed to accept the context: Unspecified GSS failure. Minor code may provide more information (minor: Encryption type ArcFour with HMAC/md5 not permitted).