Setting SMB 2.0 as default for mount operations
Unfortunately the kernel's cifs
filesystem module does not read /etc/samba/smb.conf
at all. The CIFS client module that allows mounting of Windows fileshares is completely separate from Samba.
The default protocol level in the cifs
module was changed to SMB3 in vanilla kernel version 4.13, and a multi-dialect negotiation patch (effectively setting the default to "SMB2.1 or later") was added to the vanilla kernels in September 2017.
I'm pretty sure that the "enterprise" Linux distributions have backported the patch to earlier kernels, but on Arch your only option may be to upgrade to kernel version 4.13 or later.
Here's a link to the relevant patch in kernel.org Git. The commit ID might be helpful in tracking the patch in specific kernel versions.
Related videos on Youtube
MarkP
Updated on September 18, 2022Comments
-
MarkP over 1 year
Using a
mount -t cifs -v <address>
returns withHost is Down
error when connecting to a server running SMB 2.0 (with SMB 1.0 disabled). A workaround is to specifyvers=2.0
to the argument list ofmount
. This works fine if you're mounting via command line and have the ability to specify this argument. But, when using a GUI or some program that callsmount
on your behalf, this argument is not specified.Is there a way to make SMB 2.0+ the default for all
mount -t cifs
calls, regardless what calls it? Perhaps insmb.conf
?Currently running Arch Linux.
EDIT: Added
min protocol = SMB2
to/etc/samba/smb.conf
and restarted the service. Bothmount
andsmbclient
still require the SMB version to be specified before connecting to the server.EDIT2: Adding
client min protocol = SMB2
andclient max protocol = SMB3
allowssmbclient
to connect to the server without specifying the version argument. But,mount
still doesn't respect the newly added lines insmb.conf
. -
roaima almost 6 yearsThanks for this. I don't suppose you know if it's been incorporated in recent Debian kernels do you?
-
telcoM almost 6 yearsDebian 9 (the current stable) is at kernel 4.9.88-1+deb9u1 (although named
linux-image-4.9.0-6-amd64
) , and unfortunately the only CIFS patch it seems to have is for CVE-2018-1066. Debian testing has kernel 4.16.*, so it already has the patch via upstream.