8
1
I have servers which offer only SMB3 mounts for security reasons. This works well for Windows (10) clients, but not for Linux clients. They refuse to automount anything which is not SMB1.
For manual mounts, the option -o vers=3.0 can be used. How can I force the system to use this option when I want to mount shares from graphical file managers on Gnome or KDE?
emk2203
Posted 2017-07-08T12:36:54.060
Reputation: 594
11
Graphical file managers do not establish 'cifs' kernel mounts; they use Samba's libsmbclient.
The corresponding /etc/samba/smb.conf options are:
[global]
client min protocol = SMB2_02
; default is 'CORE' (MS-DOS era)
client max protocol = SMB3
; default was 'NT1' (aka CIFS) until Samba v4.6
; finally includes SMB3 as of Samba v4.7
As soon as you raise the maximum to SMBv3, the client will negotiate the best supported version. It is not necessary to block CIFS/SMBv1 via client min protocol.
Note that the "SMB2" and "SMB3" keywords map to the highest supported sub-version of that protocol (currently "SMB2_10" and "SMB3_11"). This means that setting the minimum protocol to "SMB3" would actually exclude Windows 8.1 (which uses SMB3_02).
See the smb.conf manual page for more details and the full protocol list.
user1686
Posted 2017-07-08T12:36:54.060
Reputation: 283 655
1
Linux (kernel) clients (cifs.ko) have defaulted to smb3 (smb2.1 or later) for about a year. There have also been three changes that allow it to be configured (and even built) with smb1 (cifs) support disabled.
Steve French
Posted 2017-07-08T12:36:54.060
Reputation: 11
3For anyone having the same problems, this works even with a bare-bones
smb.confwith just these lines after a[global]line. So no need to install the samba package(s) if you just need the client. – emk2203 – 2017-07-08T17:09:56.270