Why isn’t NFS over SSH transparent to NFS

centos7 nfs4 ssh-tunnel

NFS over LAN seems to work as expected – one downloads nfs-utils rpm, makes a share, modifies ownership and SEL, allows nfs in firewalld, launches nfs-server daemon, and everything is good to go.
Wanting to access files over the internet, I set up an SSH tunnel as a quick alternative to implementing and maintaining Kerberos; however, nothing is working as expected.

Given the following topology:
NFS-server (192.168.1.2) – Gateway (LAN 192.168.1.1, WAN 1.2.3.4) – Internet – Home

I've tried setting up SSH tunnel directly to NFS server:
home: ssh -fNv -L 2049:localhost:2049 NFS-server

and via Gateway:
home: ssh -fNv -L 2049:192.168.1.2:2049 Gateway

Ultimately, when mounting either option on home pc,
home: mount -o port=2049 -t nfs localhost:/var/nfsshare /mnt
I get the same response – requested NFS version or transport protocol is not supported

I've been reading up on people's experiences with NFS over SSH, and they seem to range greatly, from people just getting it to work, to having to configure services never mentioned with plain NFS – i.e. rpcbind, nfs-lock, nfs-idmap.

So my question is, should NFS with SSH 'just work', or does SSH forwarding introduce something that NFS can't handle natively?

Best Answer

Turns out what was missing was insecure in the exports option. Other than that, everything is behaving as expected.