[Samba] Encrypted samba mount on Linux
amit kumar
amitkuma at redhat.com
Mon Apr 3 07:27:11 UTC 2017
Hello,
Kindly revert if my question is not clear..
waiting for inputs..
Thanks
On 04/03/2017 11:53 AM, amit kumar wrote:
>
> Thanks Steve for Quick response!!
>
> *My question is*:
> => Accessing encrypted shares fully depends on kernel fix (as you
> provided),
> If no?
> => How can we use /etc/samba/smb.conf "smb encrypt = mandatory"
> parameter to access encrypted shares? Because using this parameter I
> am not able to access samba-shares either from windows/RHEL client
>
> Thanks
> Amit
>
> On 04/03/2017 11:48 AM, Steve French wrote:
>> CIFS or SMB3 mount (vers=3.0)?
>>
>> I doubt that RHEL has backported the encryption feature in the kernel
>> client yet, but would be a good question for RHEL support.
>>
>> On Mon, Apr 3, 2017 at 1:15 AM, amit kumar <amitkuma at redhat.com
>> <mailto:amitkuma at redhat.com>> wrote:
>>
>> Dear Team,
>>
>> I am trying to use this option on RHEL-6.9(samba3.6) version
>> while accessing samba shares, but its not working??
>> Is this kernel specific or package specific also?
>>
>> setup is something as this:
>> *[RHEL 6.9]** ** ** ** ** **
>> ** ** ** ** ** ** ** ** ** ** **
>> [windows-client]** ** ** ** ** ** ** **
>> ** ** ** [RHEL-client]*
>> | (samba 3.6)
>> |
>> |
>> /samba-share
>> |
>> |
>> # vim /etc/samba/smb.conf
>> |
>> |
>> smb encrypt = mandatory
>> |
>> |
>> | <=========Not
>> working=============== |
>> |
>> |
>> <=========Not working===============
>> |
>>
>> How to make this Working???
>>
>> Thanks in Advance
>> Amit
>>
>> On 04/01/2017 06:29 AM, Steve French via samba wrote:
>>> 4.11 - But am hoping it will be broadly backported
>>>
>>> On Fri, Mar 31, 2017 at 7:52 PM, Draxter <admin at draxter.me> <mailto:admin at draxter.me> wrote:
>>>
>>>> Thanks Steve.
>>>>
>>>>
>>>> That's great news. Pretty recent commit. Which kernel version (onward) is
>>>> it in?
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Draxter.
>>>>
>>>>
>>>> On 01/04/17 00:49, Steve French wrote:
>>>>
>>>> Kernel cifs supports encryption!! (Thank you Pavel for good work, redoing
>>>> the transport layer for this!).
>>>>
>>>> See e.g. this series which was merged a couple months ago into mainline
>>>> Linux kernel:
>>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/
>>>> <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/>
>>>> linux.git/commit/fs/cifs?id=ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31
>>>>
>>>>
>>>> mount -t cifs //localhost/test /mnt -o vers=3.0,seal ....
>>>>
>>>> See attached screenshot of it in action to Samba (just did a quick mount
>>>> and displayed wireshark trace of the data so you could see)
>>>>
>>>>
>>>>
>>>> On Fri, Mar 31, 2017 at 6:39 PM, Jeremy Allison <jra at samba.org> <mailto:jra at samba.org> wrote:
>>>>
>>>>> On Sat, Apr 01, 2017 at 12:20:23AM +0100, Draxter via samba wrote:
>>>>>> Hi all,
>>>>>>
>>>>>> My server machine is running samba version 4.4.4 on Linux with 'smb
>>>>>> encryption = mandatory' option.
>>>>>>
>>>>>> My client is a Ubuntu 16.10 Linux machine.
>>>>>>
>>>>>> I am looking for a way to mount the encrypted samba share on the Linux
>>>>>> client machine. I noticed that mount.cifs does not support encryption
>>>>>> but smbclient does with an -e flag, however it seems to only be usable
>>>>>> in a ftp-like interface. Is there any way to mount this share with
>>>>>> smbclient or any other software that supports encrypted samba shares?
>>>>> Sending to Steve, who can explain why he *still*
>>>>> hasn't implemented this in cifsfs, depite it being
>>>>> designed to his spec. and included in the server since
>>>>> Samba 3.2.0....
>>>>>
>>>>> Bitter, Moi ? :-).
>>>>>
>>>>> Over to you Steve !
>>>>>
>>>> --
>>>> Thanks,
>>>>
>>>> Steve
>>>>
>>>>
>>>>
>> --
>> Thanks
>> Amit Kumar
>> There are three ways to get something done:
>> (1) Do it yourself.
>> (2) Hire someone to do it for you.
>> (3) Forbid your kids to do it.
>>
>> --
>> Thanks, Steve
> --
> Thanks
> Amit Kumar
> There are three ways to get something done:
> (1) Do it yourself.
> (2) Hire someone to do it for you.
> (3) Forbid your kids to do it.
--
Thanks
Amit Kumar
There are three ways to get something done:
(1) Do it yourself.
(2) Hire someone to do it for you.
(3) Forbid your kids to do it.
More information about the samba
mailing list