smbclient --max-protocol=NT1: why it requres setting MIN protocol too?
Michael Tokarev
mjt at tls.msk.ru
Tue Oct 25 18:00:56 UTC 2022
25.10.2022 20:57, Rowland Penny via samba-technical wrote
..
> I am just trying to understand this, from what I thought I knew. SMB is a negotiating protocol, so shouldn't smbclient negotiate the best version of
> SMB to use ? i.e. You shouldn't have to tell it what version to use.
Well, it does the right thing. NT1 or CORE are insecure protocols,
this is why they've been disabled. A bad m-i-m can force a negotiation
to be agreed upon an insecure protocol. So you have to explicitly
tell smbclient to use known-bad one.
/mjt
More information about the samba-technical
mailing list