[linux-cifs-client] Re: Forcing plain text passwords in mount.cifs
Steven French
sfrench at us.ibm.com
Thu Mar 22 23:16:32 GMT 2007
> I am running Fedora Core 5 (kernel 2.6.20.2300) and mount.cifs version:
> 1.10
>
> It looks like my problem is the server I am connecting to only expects
> plaintext passwrods which have been turned off. Is there a way to turn
> them on again? (I can't find any information on this)
>
> I get the following message in demsg after setting /proc/fs/cifs/cofsFYI
> to 3:
>
> fs/cifs/connect.c: Existing smb sess not found
> fs/cifs/cifssmb.c: secFlags 0x7
> fs/cifs/transport.c: For smb_command 114
> fs/cifs/transport.c: Sending smb of length 78
> fs/cifs/connect.c: rfc1002 length 0x5b)
> fs/cifs/cifssmb.c: Dialect: 2
> CIFS VFS: Server requests plain text password but client support
>disabled
For cifs client, plaintext password support is turned off by default - it
can be enabled by
turning on a security flag (0x20 or 32 decimal). See fs/cifs/README if
curious about the
details for the rest of the security flags.
The default on your system for /proc/fs/cifs/SecurityFlags is probably 0x7
which means
only the following three security options are allowed:
packet signing, ntlm password hashing, ntlmv2 password hashing
(but not plaintext password).
If your default flags were 7 then to turn on plaintext password support
you could simply do:
echo 39 > /proc/fs/cifs/SecurityFlags
which adds in the missing flag. If this fails, you are running a kernel
cifs module
which has not been built with support for older servers which support weak
security (a cifs configuration/build option in make menuconfig).
Steve French
Senior Software Engineer
Linux Technology Center - IBM Austin
phone: 512-838-2294
email: sfrench at-sign us dot ibm dot com
More information about the linux-cifs-client
mailing list