[Samba] Encrypted samba mount on Linux
amit kumar
amitkuma at redhat.com
Mon Apr 3 06:23:43 UTC 2017
Thanks Steve for Quick response!!
*My question is*:
=> Accessing encrypted shares fully depends on kernel fix (as you
provided),
If no?
=> How can we use /etc/samba/smb.conf "smb encrypt = mandatory"
parameter to access encrypted shares? Because using this parameter I am
not able to access samba-shares either from windows/RHEL client
Thanks
Amit
On 04/03/2017 11:48 AM, Steve French wrote:
> CIFS or SMB3 mount (vers=3.0)?
>
> I doubt that RHEL has backported the encryption feature in the kernel
> client yet, but would be a good question for RHEL support.
>
> On Mon, Apr 3, 2017 at 1:15 AM, amit kumar <amitkuma at redhat.com
> <mailto:amitkuma at redhat.com>> wrote:
>
> Dear Team,
>
> I am trying to use this option on RHEL-6.9(samba3.6) version while
> accessing samba shares, but its not working??
> Is this kernel specific or package specific also?
>
> setup is something as this:
> *[RHEL 6.9]** ** ** ** ** **
> ** ** ** ** ** ** ** ** ** ** **
> [windows-client]** ** ** ** ** ** ** **
> ** ** ** [RHEL-client]*
> | (samba 3.6)
> |
> |
> /samba-share
> |
> |
> # vim /etc/samba/smb.conf
> |
> |
> smb encrypt = mandatory
> |
> |
> | <=========Not
> working=============== |
> |
> |
> <=========Not working===============
> |
>
> How to make this Working???
>
> Thanks in Advance
> Amit
>
> On 04/01/2017 06:29 AM, Steve French via samba wrote:
>> 4.11 - But am hoping it will be broadly backported
>>
>> On Fri, Mar 31, 2017 at 7:52 PM, Draxter <admin at draxter.me> <mailto:admin at draxter.me> wrote:
>>
>>> Thanks Steve.
>>>
>>>
>>> That's great news. Pretty recent commit. Which kernel version (onward) is
>>> it in?
>>>
>>>
>>> Regards,
>>>
>>> Draxter.
>>>
>>>
>>> On 01/04/17 00:49, Steve French wrote:
>>>
>>> Kernel cifs supports encryption!! (Thank you Pavel for good work, redoing
>>> the transport layer for this!).
>>>
>>> See e.g. this series which was merged a couple months ago into mainline
>>> Linux kernel:
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/
>>> <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/>
>>> linux.git/commit/fs/cifs?id=ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31
>>>
>>>
>>> mount -t cifs //localhost/test /mnt -o vers=3.0,seal ....
>>>
>>> See attached screenshot of it in action to Samba (just did a quick mount
>>> and displayed wireshark trace of the data so you could see)
>>>
>>>
>>>
>>> On Fri, Mar 31, 2017 at 6:39 PM, Jeremy Allison <jra at samba.org> <mailto:jra at samba.org> wrote:
>>>
>>>> On Sat, Apr 01, 2017 at 12:20:23AM +0100, Draxter via samba wrote:
>>>>> Hi all,
>>>>>
>>>>> My server machine is running samba version 4.4.4 on Linux with 'smb
>>>>> encryption = mandatory' option.
>>>>>
>>>>> My client is a Ubuntu 16.10 Linux machine.
>>>>>
>>>>> I am looking for a way to mount the encrypted samba share on the Linux
>>>>> client machine. I noticed that mount.cifs does not support encryption
>>>>> but smbclient does with an -e flag, however it seems to only be usable
>>>>> in a ftp-like interface. Is there any way to mount this share with
>>>>> smbclient or any other software that supports encrypted samba shares?
>>>> Sending to Steve, who can explain why he *still*
>>>> hasn't implemented this in cifsfs, depite it being
>>>> designed to his spec. and included in the server since
>>>> Samba 3.2.0....
>>>>
>>>> Bitter, Moi ? :-).
>>>>
>>>> Over to you Steve !
>>>>
>>> --
>>> Thanks,
>>>
>>> Steve
>>>
>>>
>>>
> --
> Thanks
> Amit Kumar
> There are three ways to get something done:
> (1) Do it yourself.
> (2) Hire someone to do it for you.
> (3) Forbid your kids to do it.
>
> --
> Thanks, Steve
--
Thanks
Amit Kumar
There are three ways to get something done:
(1) Do it yourself.
(2) Hire someone to do it for you.
(3) Forbid your kids to do it.
More information about the samba
mailing list