Re: [k]nfsd, nfs and security questions

Andi Kleen (ak@muc.de)
18 Nov 1997 01:41:03 +0100


alan@lxorguk.ukuu.org.uk (Alan Cox) writes:

> > 5. while we all know that secure RPC is a misnomer, since the only secure
> > part is the host authentication, and all of the data runs over the wire
> > as cleartext, what is the exact status of the Sec. RPC kernel support?
>
> Alexey Kuznetsov did a really secure RPC using MD5, I don't know what the
> current state of that is. Given that elliptic curve appears patent-free
> and Diffie-Hellman has expired there is good scope for military spec
> secure RPC now.

The NFS code kernel patch in the linux-nfs package supports Sun-style
secure RPC using DES keys. That code got scrapped during the
integration into 2.1 (because of the US export laws), but I think it
would be easy to generate an optional addon module to add it. The code
makes adding other authentication schemes very easy too.

-Andi