Anyone seen SMB2 signing issues with Hitachi HNAS?
realrichardsharpe at gmail.com
Wed Feb 26 17:56:02 UTC 2020
On Wed, Feb 26, 2020 at 9:50 AM Aurélien Aptel <aaptel at suse.com> wrote:
> Richard Sharpe via samba-technical <samba-technical at lists.samba.org>
> > Tried connecting with smbclient and on the Session Setup response,
> > which is signed we exit with "Bad SMB2 signature for message".
> > I tested against a Windows 2012 DC and a capture shows that the DC is
> > also signing the SMB2 Session Setup response and smbclient has no
> > problems with it.
> > Is this something broken with the HNAS?
> * Signing key generation changed between SMB 3.0 and 3.11, is the HNAS
> using the same dialect your 2012 DC?
> * Signing keys are generated based on the Session Key (which comes from
> kerberos or NTLMSSP) and it uses time as input. Maybe check the clocks
> are not too far off from each other.
Thanks for that. The HNAS supports SMB 2.1 ...
Clocks may be the issue.
More information about the samba-technical