# limiting nfs r/w to specific user on specific ip

## DaggyStyle

Greetings,

I want to setup a nfs server that will allow all hosts to read a mount and one host to r/w.

this is what I have below, according to all guides it will work (didn't had the chance to test it yet because the new server's hdd isn't here yet)

```

/mnt/nfs_exports                10.0.0.0/24(ro,all_squash,no_subtree_check) 10.0.0.6(rw,all_squash,no_subtree_check)

```

my question is, how can I add user validation?

Thanks.

----------

## kikko

Hi DaggyStyle

this depends on NFS version you plan to use:

NFSv3 authentication is host-based, and it relies on a consistent user-UID mapping between client and server in order to manage permission properly

version 4 is a little more complex (IMHO   :Very Happy:  ), but seems to have very nice security enhancements compared to its predecessor (ACLs, GSS-API et al. See this for further info)

There is plenty of howtos on how to add Super Duper Kerberos auth in NFSv4, maybe it suits your needs   :Wink: 

Regards

----------

