encryption on network
jlayton at samba.org
Fri Jul 29 04:16:10 MDT 2011
On Thu, 28 Jul 2011 17:14:35 -0700
Jeremy Allison <jra at samba.org> wrote:
> On Thu, Jul 28, 2011 at 07:08:04PM -0500, Christopher R. Hertel wrote:
> > Jeremy Allison wrote:
> > > On Thu, Jul 28, 2011 at 05:59:41PM -0500, Christopher R. Hertel wrote:
> > >> The network traffic is not encrypted.
> > >>
> > >> The SMB protocol does not provide any mechanism for encrypting traffic
> > >> between clients and servers.
> > >
> > > As shipped by Microsoft :-). The UNIX extensions to SMB allow
> > > encrypted traffic between clients and servers and Samba has
> > > supported this for a long time (smbclient -e will encrypt
> > > traffic).
> > Right, but the question particularly listed WinXP as one of the
> > participating clients. Windows clients don't support the Unix extensions,
> > so they don't support encrypted SMB and that kinda ruins the whole thing,
> > eh? [sad face]
> Yes I realize that. But that's not what you said. You said:
> "The SMB protocol does not provide any mechanism for encrypting traffic
> between clients and servers." - but that's not generically true,
> only between *Microsoft* clients and servers.
> You made it sound like that was definitive, and you are the
> acknowledged authority on CIFS/SMB, so I couldn't let that
> stand. People link to your posts here :-).
> > Please allow me to join the choir on that. (I'll sit at the back and not
> > get in anyone's way.) [winky face]
> Maybe if we all wish REALLY HARD, Steve and Jeff will hear
> us.. :-).
Sorry, just haven't heard great hue and cry for this feature (other
than from you, of course :). My next task for cifs is to make it do
parallel reads, but I haven't had time to start on that yet.
Jeff Layton <jlayton at samba.org>
More information about the samba-technical