RPC R Can't authenticate (too weak)

Sunmanagers,

I have a i86pc NFS client that cannot mount (automount or otherwise) a shared directory (/export/home) off my NFS server. The client (SunOS nfsclient 5.10 Generic_118844-20 i86pc i386 i86pc) is set up the same as the rest of my clients, which are working correctly. The client can mount other shared directories off other NFS servers. The only difference is that this client is dual-homed but the interfaces are physical, not virtual.

nfsclient# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.xx.xx netmask ffffff00 broadcast 192.168.xx.255
ether 0:12:3f:20:9:30
e1000g1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 172.20.xx.xx netmask ffffffe0 broadcast 172.20.xx.xxx
ether 0:12:3f:20:9:31

nfsclient's messages file is filled with permission denied messages:

Dec 19 15:25:24 nfsclient nfs: [ID 664466 kern.notice] NFS fsinfo failed for server nfsserv: error 7 (RPC: Authentication error)
Dec 19 15:25:24 nfsclient automountd[331]: [ID 834250 daemon.error] Mount of nfsserv:/export/home on /home/nfsserv: Permission denied

When I try to cd into /home/nfsserv, I get a "No such file or directory" message.

When I try and mount nfsserv:/export/home directly to /mnt or cd to /net/nfsserv/export I get Permission denied.

My nfs server (SunOS nfsserv 5.8 Generic-108528-24 sun4u sparc SUNW, Ultra-250) isn't complaining except for the following snoop output I collected when trying to mount /export/home on the client:

# snoop nfsserv
Using device /dev/e1000g (promiscuous mode)
nfsclient -> nfsserv TCP D=2049 S=32862 Syn Seq=4244347003 Len=0 Win=49640 Options=<mss 1460,nop,wscale 0,nop,nop,sackOK>
nfsserv -> nfsclient TCP D=32862 S=2049 Syn Ack=4244347004 Seq=1414823132 Len=0 Win=24820 Options=<nop,wscale 0,nop,nop,sackOK,mss 1460>
nfsclient -> nfsserv TCP D=2049 S=32862 Ack=1414823133 Seq=4244347004 Len=0 Win=49640
nfsclient -> nfsserv NFS C NULL4
nfsserv -> nfsclient TCP D=32862 S=2049 Ack=4244347048 Seq=1414823133 Len=0 Win=24776
nfsserv -> nfsclient RPC R (#4) XID=1134732813 Program number mismatch (low=2, high=3)
nfsclient -> nfsserv TCP D=2049 S=32862 Ack=1414823169 Seq=4244347048 Len=0 Win=49640
nfsclient -> nfsserv TCP D=2049 S=32862 Fin Ack=1414823169 Seq=4244347048 Len=0 Win=49640
nfsserv -> nfsclient TCP D=32862 S=2049 Ack=4244347049 Seq=1414823169 Len=0 Win=24820
nfsserv -> nfsclient TCP D=32862 S=2049 Fin Ack=4244347049 Seq=1414823169 Len=0 Win=24820
nfsclient -> nfsserv TCP D=2049 S=32862 Ack=1414823170 Seq=4244347049 Len=0 Win=49640
nfsclient -> nfsserv PORTMAP C GETPORT prog=100003 (NFS) vers=3 proto=UDP
nfsserv -> nfsclient PORTMAP R GETPORT port=2049
nfsclient -> nfsserv NFS C NULL3
nfsserv -> nfsclient NFS R NULL3
nfsclient -> nfsserv PORTMAP C GETPORT prog=100005 (MOUNT) vers=3 proto=UDP
nfsserv -> nfsclient PORTMAP R GETPORT port=32949
nfsclient -> nfsserv MOUNT3 C Null
nfsserv -> nfsclient MOUNT3 R Null
nfsclient -> nfsserv MOUNT3 C Mount /export/home
nfsserv -> nfsclient MOUNT3 R Mount OK FH=BDD6 Auth=unix
nfsclient -> nfsserv PORTMAP C GETPORT prog=100003 (NFS) vers=3 proto=TCP
nfsserv -> nfsclient PORTMAP R GETPORT port=2049
nfsclient -> nfsserv NFS C FSINFO3 FH=BDD6
nfsserv -> nfsclient RPC R (#24) XID=3121418445 Can't authenticate (too weak)
nfsclient -> nfsserv PORTMAP C GETPORT prog=100005 (MOUNT) vers=3 proto=UDP
nfsserv -> nfsclient PORTMAP R GETPORT port=32949
nfsclient -> nfsserv MOUNT3 C Null
nfsserv -> nfsclient MOUNT3 R Null
nfsclient -> nfsserv MOUNT3 C Mount /export/home
nfsserv -> nfsclient MOUNT3 R Mount OK FH=BDD6 Auth=unix
nfsclient -> nfsserv PORTMAP C GETPORT prog=100003 (NFS) vers=3 proto=TCP
nfsserv -> nfsclient PORTMAP R GETPORT port=2049
nfsclient -> nfsserv TCP D=2049 S=1002 Ack=1402440512 Seq=4232811440 Len=0 Win=49640
nfsclient -> nfsserv NFS C FSINFO3 FH=BDD6
nfsserv -> nfsclient RPC R (#35) XID=3171750093 Can't authenticate (too weak)


Any insight the list has would be greatly appreciated. I will summarize. TIA.

--
___
_____
________
Daniel P. Robb
TradeGroup
205 N. Michigan Ave.
Suite 1600
Chicago, IL 60601

dan@xxxxxxxxxxxx

(312) 729-0763 direct
(312) 729-0750 main
(312) 861-0789 fax
_______________________________________________
sunmanagers mailing list
sunmanagers@xxxxxxxxxxxxxxx
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

Relevant Pages

  • NFS mounting issue. (can mount other servers, but cant mount one of them)
    ... First, that nfs server is fine, other client can mount, and only one client ... reboot to solve this problem. ...
    (comp.unix.solaris)
  • Monitor progress of exported filesystem via nfs
    ... I am writing an app that runs on a nfs server that allows a remote ... clientto mount a local filesystem via nfs. ... to the client other than network connectivity so I don't want to ...
    (comp.os.linux.misc)
  • nfs issue after client crash
    ... I have a bunch of Ubuntu clients which mount /home at boot time from a ... When a client crashes it won't mount /home at boot. ... The client still appears in the "showmount"output of the server. ... If I restart the NFS server or just wait long enough everything is OK. ...
    (freebsd-questions)
  • Re: [SLE] NFS errors - where are they logged
    ... On the NFS server: ... exportfs, ... I assume /mnt/multimedia exits on the client. ... FS to be mounted, or issue the command: mount -a which will mount any ...
    (SuSE)
  • Re: recent nfs change causes autofs regression
    ... If the user asks for a new mount that is read-write, ... get it - ie we should not re-use the old client handles, ... everything needs to have the same flags), THOSE PEOPLE, who want the NEW ... or deleted on the server are now extended to also include the ...
    (Linux-Kernel)