Hi, currently I have an share on my WD My Cloud configured to Public. It works ok, but I want to somehow limit it’s access without switching to SMB or FTP access. It’s not shared outside of my LAN private network, but I still don’t want any computer with the wifi password (of which there are quite a few) to be able to just look through my documents.
Ideally I’d just enter a user and password like it works with samba/windows shares, but apparently NFS does not support user/password authentification, instead it supports IP auth and UID auth, both of which can be easy to fake. Just configure ip static and create a new user with that id right? Or I’m missing something and UID auth is actually more than a wide open door.
I think kerberos might suit my purpose, but I need some extra packages, these packages (krb5-kdc being one) are available through apt-get, but they are probably 4k packages that might brick my device and/or not work at all, right? Do I need to set up that VM build environment to install kerberos packages? Should I downgrade to 3.x firmware? Is it easier to get something like a raspberry pi to act as a kerberos server and somehow limit access to the NAS with that?
Any advice is appreciated, the objective is that only known clients can access the NFS share, even in the LAN, so mac address restriction would work too, but only on the non-public shares if possible.