[Samba] Encryption
Jeff Layton
jlayton at samba.org
Fri Jun 25 13:34:49 MDT 2010
On Fri, 25 Jun 2010 12:20:41 -0700
Jeremy Allison <jra at samba.org> wrote:
> On Fri, Jun 25, 2010 at 06:54:08PM +0000, Dan Lenski wrote:
> > On Sun, 18 Apr 2010 10:29:38 -0400, simo wrote:
> >
> > > On Sun, 2010-04-18 at 10:05 -0400, Nico Kadel-Garcia wrote:
> > >>
> > >> Reviewing the docs, this tool requires Samba 3.2 or later on both the
> > >> client and server sides. I'm therefore assuming that it's not
> > >> compatible with a contemporary Windows fileserver: can you confirm
> > >> this? Does anyone know if NetApp supports such encryption?
> > >
> > > It is an extension created by the Samba Team as part of unix extensions,
> > > and at the moment the only client that implements it is smbclient. Not
> > > even the in kernel cifs driver implements it. And we have no knowledge
> > > of any other implementer adopting it yet.
> >
> > Does anyone know a time-frame for inclusion of transport encryption in
> > the kernel CIFS driver? I'm really looking forward to this feature!
>
> Steve, Jeff.... ping ? :-)
>
Sadly, there are enough bugs in this area that it may be a bit before
we get around to adding new features. I know Shirish was poking around
in here a while back, but I think he's working on other stuff now.
I think before we can reasonably add that we really need to move all of
the cifs crypto to use the kernel's standard crypto libs rather than the
homegrown routines they use now. There are some definite problems wrt
to unicode in there (not directly related to crypto, but it needs
fixing). NTLMSSP auth is also busted which is a rather important item.
--
Jeff Layton <jlayton at samba.org>
More information about the samba
mailing list