Mount a samba network drive from terminal without hardcoding a password
Use the mount.cifs
command instead, as it allows to specify a credentials file or prompts for a password if none given.
Installation
First of all, check you have the needed packages installed by issuing the following command:
sudo apt-get install cifs-utils
METHOD 1 - USING A CREDENTIALS FILE
According to the manual http://manpages.ubuntu.com/manpages/raring/man8/mount.cifs.8.html :
OPTIONS
[...]
credentials=filename specifies a file that contains a username and/or password and optionally the name of the workgroup. The format of the file is:username=value
password=value
domain=value
Usage:
mount.cifs //<hostname_or_ip>/<cifs_share> <local_mountpoint> -o user=<user_to_connect_as>,rw,credentials=<path_to_the_credentials_file>
Example:
sudo mount.cifs //domain.com/share /mnt/domain_com -o user=admin,rw,credentials=/root/.credentials
It's important to note that the "name_of_the_user_to_connnect_as" can contain also the domain or the workgroup:
user=workgroup/user
user=domain/user
(Depending on you environment, you will need more or less options)
Regarding security, it should be enough to store the credentials file in the /root directory, but if you want to store it elsewhere, just
- set the root user as its owner with
sudo chown root <file>
- set owner-only permissions with `sudo chmod 600
METHOD 2 - PASSWORD PROMPT
If as stated, you don't want your password to be visible at all, then just don't provide the "password" option in your mount.cifs
command.
From the manpage at http://manpages.ubuntu.com/manpages/hardy/man8/mount.cifs.8.html
password=arg
specifies the CIFS password. If this option is not given then the environment variable PASSWD is used. If the password is not specified directly or indirectly via an argument to mount mount.cifs will prompt for a password, unless the guest option is specified. Note that a password which contains the delimiter character (i.e. a comma ’,’) will fail to be parsed correctly on the command line. However, the same password defined in the PASSWD environment variable or via a credentials file (see below) or entered at the password prompt will be read correctly.
Accordingly, the following command should prompt for a password:
mount.cifs //<hostname_or_ip>/<cifs_share> <local_mountpoint> -o user=<user_to_connect_as>,rw
Tested and working as expected:
Related videos on Youtube
mcExchange
Updated on September 18, 2022Comments
-
mcExchange over 1 year
I know that the default command would look like this:
sudo mount -t cifs -o username=YOUR_USERNAME,password=YOUR_PASSWORD,uid=YOUR_UBUNTU_USERNAME //networkNameOfRemoteComputer/path/to/my/folder /path/to/mounting/dir
However I want to mount a samba share folder without hard coding my password. I consider it a high security risk if the password is visible. Does anyone have an idea?
(In a previous version of this question I also asked for mounting without sudo rights but it seems that this is just not possible :( )
-
Eduardo López over 8 yearsI'm not sure if you can point to a credential file from that command, but if so would be the easiest way, IMO. The credential file should have restrictive permissions so that only could be accessed with sudo.
-
mcExchange over 8 yearsCould you give an example for that?
-
-
Eduardo López over 8 yearsWell, if you plan on mounting every time manually, you can just remove the "password" option from your command. You should be then prompted for the password each time, afaik.
-
Eduardo López over 8 yearsI mean using mount.cifs - At least, the manual says it should work :-)
-
Eduardo López over 8 yearsLook at the edit - it is working with mount.cifs
-
mcExchange over 8 years
mount.cifs
works :) Great success! Thank you -
mcExchange over 8 yearsBy the way: I had to
sudo apt-get install cifs-utils
-
Eduardo López over 8 yearsGlad you sorted this out! I'll edit the answer following your lats comment.