Side effect of recent change to more secure defaults like "lanman auth = No" intentionally?

Günter Kukkukk samba at
Wed Apr 2 01:38:45 GMT 2008

Am Dienstag, 1. April 2008 schrieb Frank KInscherff:

Hi Frank,

> HI Guenter:
> although this little change of of "lanman auth = no" to obey to the
> security panic overall, I was spending ages to get my environment
> running after I did an upgrade test from ubuntu server 7.10 to 8.04. On
> 7.10 all my backup data and much more goes on a Network device (low
> cost) which I only can access through samba, After the upgrade this
> important drive was gone and started me to panic as one of my hard
> drives began to report errors which indicated dying of this device w/
> still same useful data on one partition.
You say "...goes on a Network device (low cost) which I only 
can access through samba."
I guess, you mean that you access that NAS by mounting it using
the kernel modules smbfs or cifs - or you use "some samba client
(library) based program" (?)

In case you mount, are those mounts placed into /etc/fstab or do 
you use other scripts to mount them?

The smbfs userland helper smbmount and other samba client tools parse
your local smb.conf.
So the entry "client lanman auth = Yes or No" can affect
the possibility to access the NAS.
But _only_ when the NAS needs the "lanman auth" processing,
which would be the case when the NAS is negociating a somewhat
anchient smb protocol dialect.

So, how do you do your backup and your other file storage onto
that NAS?

Cheers, Günter

> I am not a Linux guru like you are, and I still do not understand if I
> would overcome this "yes to no" by setting only the smbpasswd entry
> different and then use the more secure setting to be "no". May be you
> could help me out her w/ a little more step by step shell commands how
> to do it ( I moved from Windows to Linux last year in Autumn getting a
> real Linux fan, but still have some glitches I do not follow, cause I
> use my Desktop and server to run my Marketing Consulting Company -
> although they are all migrated to Linux now).
> Apart from that  I'd like to say thank you for explaining me the default
> change. It got my Netdisk back. I was then able to do a last Backup om
> my ditchy Disk and swaped it w/ a new one.
> Now, in terms of security this change at that time with no clear
> announcement brought me into a very insecure situation in terms of
> loosing a lot of data.
> Again thanks a lot
>     Frank
> P.S. If I could go to "no" and still can get to my netdisk this would be
> great!

More information about the samba-technical mailing list