Urgent: Fedora 18 update breaks mount.cifs
Adam Williamson
awilliam at redhat.com
Wed Mar 6 21:59:20 UTC 2013
On 06/03/13 03:22 AM, Chuck Forsberg WA7KGX N2469R wrote:
>> It broke for me. It was coincident with the change from kernel 3.7.9
>> to 3.8.1 but I didn't investigate if this was the cause.
>>
>> Adding a "sec=" option with either ntlm or ntlmv2 worked for me.
>> Slightly odd given that the man page says ntlm is the default.
>>
>> Digging a little more, a possibly relevant kernel commit from
>> 2012-11-25 has the comment "default authentication needs to be at
>> least ntlmv2 security for cifs mounts":
>> -#define CIFSSEC_DEF (CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLM |
>> CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_NTLMSSP)
>> +#define CIFSSEC_DEF (CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLMSSP)
>>
>> --
>> Paul
>>
>>
> The "sec=ntlm" magic chant does the trick. Flag Day overcome. Thnx.
Oh, sorry guys - I knew about that one, but I got a different error
message from you, so I assumed it was a different bug.
Apparently, NTLM has been found to be insecure so upstream doesn't want
to allow NTLM connections by default any more. There may be something
you can do at the server end to use NTLMv2 instead; that would probably
be safer than forcing the use of NTLM.
I'm using a NAS box with very limited configuration options so I'm stuck
with NTLM, but if you're using an actual Windows machine as the host,
you can probably fix it.
We should probably throw this in common bugs, now three people have hit
it...
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the test
mailing list