sNFS: secure NFS

sNFS provides NFS over SSL using our SSL wrapper library libsslfd.


Transporting NFS over SSL means that: The server is designed to be run from inetd and without a portmapper and supports UPD and plain TCP in addition to SSL. Obviously SSL should be used for security.


sNFS is focused on being secure rather than fast. Performance of the server is about 25% of a kernel based NFS running on the same machine. The performance of snfsc (the RPC shuffler needed for SSL and for TCP on many platforms) is even worse as it has to unpack/pack each RPC twice.

Note though that we have heard of sNFS being used for nightly backup of more than 50Gb of filesystems.


The server snfsd has been tested by us on NetBSD, SunOS 4.X, Solaris 5.X, and HP-UX 10. It is reasonably portable.

The client snfsc is much more system specific. It has only been ported and tested on NetBSD, SunOS 4.X and Solaris 5.X. Porting to source based systems such as FreeBSD, OpenBSD and Linux should not be a problem, but ports to other commercial systems are likely to require vendor assistance.


We are in the process of re-evaluating how to make sNFS available now that we are located in the U.S. Feel free to e-mail sales with questions.

$Id: sNFS.html,v 1.2 1999/10/01 02:00:46 sjg Exp $
Copyright © 1997-2001 Crufty.NET