jra at samba.org
Sun Apr 18 19:00:06 MDT 2010
On Sun, Apr 18, 2010 at 09:20:54AM -0400, Nico Kadel-Garcia wrote:
> Samba is a very helpful implementation of CIFS, and I congratulate its
> authors. But CIFS was *not* built for data security. Encrypting such
> traffic would be an amazing performance hit on the server side. If you
> need secure data transfer, and do not need the kind of live sharing
> that CIFS or UNIX protocols like NFS provide, I'd urge you to use
> "git" for SSH based access to a central repository with local editing
> and full source control features. It's still a performance hit over
> direct file sharing, but it works well for interrupted connections to
> the primary document source, and I really like it for laptop or remote
> data center operation.
Ahem. We *do* implement encryption on the CIFS stream in
the Samba server. Works well with smbclient -e option.
All it needs is for the kernel client to implement it.
It's not such a bad hit on the server side of things :-).
More information about the samba