Jeremy Allison wrote: > On Thu, Jul 28, 2011 at 05:59:41PM -0500, Christopher R. Hertel wrote: >> The network traffic is not encrypted. >> >> The SMB protocol does not provide any mechanism for encrypting traffic >> between clients and servers. > > As shipped by Microsoft :-). The UNIX extensions to SMB allow > encrypted traffic between clients and servers and Samba has > supported this for a long time (smbclient -e will encrypt > traffic). Right, but the question particularly listed WinXP as one of the participating clients. Windows clients don't support the Unix extensions, so they don't support encrypted SMB and that kinda ruins the whole thing, eh? [sad face] >> The only good way to ensure that the traffic >> is encrypted is to create a VPN and ensure that SMB traffic is always >> contained within the VPN. > > Or use Samba smbclient to a smbd server :-). Of course, we > really need this in the Linux CIFS client. ...and that's the other piece. Smbclient is a very useful tool, but not what you want to use if you are trying to mount a file system. > Steve French - where's my encrypted transport code !!! (your > monthly ping on this :-). Please allow me to join the choir on that. (I'll sit at the back and not get in anyone's way.) [winky face] Chris -)----- -- "Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq. ubiqx Team -- http://www.ubiqx.org/ -)----- crh@xxxxxxxxxxxx OnLineBook -- http://ubiqx.org/cifs/ -)----- crh@xxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
