[PATCH][smb client] updating warning message for sec=krb5p
Steve French
smfrench at gmail.com
Wed Feb 7 06:08:28 UTC 2024
smb3: clarify mount warning
When a user tries to use the "sec=krb5p" mount parameter to encrypt
data on connection to a server (when authenticating with Kerberos), we
indicate that it is not supported, but do not note the equivalent
recommended mount parameter ("sec=krb5,seal") which turns on encryption
for that mount (and uses Kerberos for auth). Without an updated
mount warning
it could confuse some NFS users. Note that for SMB3+ we support
encryption,
but consider it ("seal") a distinct mount parameter since the same
user may choose
to encrypt to one share but not another from the same client.
Update the warning message
to reduce confusion.
See attached.
--
Thanks,
Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-smb3-clarify-mount-warning.patch
Type: text/x-patch
Size: 1251 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20240207/1de64ec6/0001-smb3-clarify-mount-warning.bin>
More information about the samba-technical
mailing list