[linux-cifs-client] Question on current state of sec=krb5* integration in cifs.ko
Jeff Layton
jlayton at redhat.com
Fri Oct 23 11:13:19 MDT 2009
On Fri, 23 Oct 2009 18:30:25 +0200
Holger Rauch <holger.rauch at empic.de> wrote:
> Hi Jeff,
>
>
> On Fri, 23 Oct 2009, Jeff Layton wrote:
>
> > [...]
> > Yes, much...
> >
> > NFS (well, RPC actually) sends credentials with every call, so if you
> > destroy the creds, then the client and server will tend to pick up on
> > that fact rather quickly. With CIFS the credentials are just used to
> > establish a "session". After that, krb5 doesn't really come into play
> > very much (at least until you have to reconnect).
>
> Well, that surely explains the "kdestroy" thing, but the other
> interesting question is what software is actually meant by "server"
> in case the log message reads similar to "server doesn't support signing"?
>
> Any details for me on this one?
>
Sorry, it's a little difficult to be more specific...
It depends on what you're kind of server you're mounting here. If it's
windows, then you'll probably need to play with its settings. If you're
mounting samba, you probably need to set samba options to enable
signing. If something else...who knows?
--
Jeff Layton <jlayton at redhat.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/linux-cifs-client/attachments/20091023/ebfb8a42/attachment.pgp>
More information about the linux-cifs-client
mailing list