Disabling SMB1 by default

Stefan Metzmacher metze at samba.org
Mon Jun 19 13:39:01 UTC 2017


Hi Andreas,

> we recently had a bug filed against Ubuntu [1] requesting that we disable
> the SMB1 protocol by default. That is part of a larger campaign [2] to get
> rid of SMB1 entirely.
> 
> Has there been any discussion among Samba developers to change the default
> client and server min protocol level to SMB2? Would you consider making
> such a change?

We're recently discussed changing 'client max protocol = SMB3' so
that smbclient and other utilities work against servers
with disabled SMB1 by default.

We hope to get this into 4.7, but there's only about 3 weeks
left to make this change (until 4.7.0rc1 is branched from master),
so it's not sure if such a change will make it into 4.7.0 (released
in September).

I guess changing the defaults for the min protocol values will
take a lot longer. The earliest would be 4.8.0 (early March 2018),
but I'm not sure we'll change it by then.

But you could also have custom patch in ubuntu 18.04 that
raise the default values.

metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20170619/82ab7d23/signature.sig>


More information about the samba-technical mailing list