[Samba] Encryption

Nico Kadel-Garcia nkadel at gmail.com
Sun Apr 18 08:05:52 MDT 2010

On Sun, Apr 18, 2010 at 9:24 AM, Volker Lendecke
<Volker.Lendecke at sernet.de> wrote:
> On Sun, Apr 18, 2010 at 09:20:54AM -0400, Nico Kadel-Garcia wrote:
>> Samba is a very helpful implementation of CIFS, and I congratulate its
>> authors. But CIFS was *not* built for data security. Encrypting such
>> traffic would be an amazing performance hit on the server side. If you
>> need secure data transfer, and do not need the kind of live sharing
>> that CIFS or UNIX protocols like NFS provide, I'd urge you to use
>> "git" for SSH based access to a central repository with local editing
>> and full source control features. It's still a performance hit over
>> direct file sharing, but it works well for interrupted connections to
>> the primary document source, and I really like it for laptop or remote
>> data center operation.
> Have you tried smbclient -e against a Samba server? :-)
> Volker

*OH*. Thank youf for the corrction. This is what I get for being a
busy camper for a few years: this was apparently introduced at Samba
3.2, and only made it to the RedHat Enterprise releases with RHEL 5.
If I could get back all the time I've wasted supporting out of date
"stable" servers in mixed environments, and being prevented from
releasing new features because they're "stable", I'd.... well, I'd
have a lot more time for the Samba-3.5 testing I'm trying right now.

Reviewing the docs, this tool requires Samba 3.2 or later on both the
client and server sides. I'm therefore assuming that it's not
compatible with a contemporary Windows fileserver: can you confirm
this? Does anyone know if NetApp supports such encryption?

More information about the samba mailing list