Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CTE-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Widows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Install and Configure CTE-U with CipherTrust Manager

Exporting GuardPoints over NFS

search

Exporting GuardPoints over NFS

To setup and configure your NFS server so that you can export GuardPoints:

  1. Make sure that CTE-U is started before the NFS server is started:

    vi /usr/lib/systemd/system/nfs-server.service

    Response

    network-online.target local-fs.target secfs-fuse.service

  2. Create your GuardPoints on your NFS server.

  3. Verify that the /etc/exports file contains the following:

    /guardpoint/path <nfs_server_IP>(rw,sync,fsid=3,no_root_squash)

  4. Verify that secfs_fuse was started before NFSD:

    ps -ef |grep secfs; ps -ef |grep nfsd nfsd pid

    Note

    The GuardPoint PID is valid as long as the NFS daemon is not restarted.

  5. If secfs_fuse was not started before NFSD, or if you are unable to verify it, restart the NFS server:

    service nfs-server restart

  6. Export the local directories to the NFS client. Type:

    exportfs -rvf

  7. Mount the client:

    mount -o lookupcache=none

Warning

Only wide-open (applyKey/permit) policies are supported. Use of process sets, user sets, or signature sets is not supported.

On this page