Re: Re: connecting to windows server with SMB2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>In order to sec=ntlmv2 succeed, you will need this patch on the Windows 7 box.
>http://support.microsoft.com/kb/957441/en-us
Ok
> For smb2 (vers=2.0), sec=ntlmssp (which is the default) should succeed against
> a Windows 7 box.
True, I tried without -o sec option and it uses ntlmssp.
> Would it be possible to attach a wireshark trace of the exchange?
sure, below is the packet capture without any -o sec option:
mount -t cifs //107.109.224.147/sharefolder /mnt -o user=a.sangwan -o pass=xxxx  -o vers=2.0

No.     Time           Source                Destination           Protocol Length Info
9 0.005133000    107.109.224.147       107.109.224.197       SMB2     240    Negotiate Protocol Response
Frame 9: 240 bytes on wire (1920 bits), 240 bytes captured (1920 bits) on interface 0
Ethernet II, Src: SamsungE_65:a9:b8 (e8:03:9a:65:a9:b8), Dst: SMC_75:04:25 (00:80:0f:75:04:25)
Internet Protocol Version 4, Src: 107.109.224.147 (107.109.224.147), Dst: 107.109.224.197 (107.109.224.197)
Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 51900 (51900), Seq: 1, Ack: 107, Len: 174
NetBIOS Session Service
SMB2 (Server Message Block Protocol version 2)
    SMB2 Header
        Server Component: SMB2
        Header Length: 64
        Credit Charge: 0
        NT Status: STATUS_SUCCESS (0x00000000)
        Command: Negotiate Protocol (0)
        Credits granted: 1
        Flags: 0x00000001
            ..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
            ...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
            .... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
            .... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
            .... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
            .... .... .... .... .... .... .... ...1 = Response: This is a RESPONSE
        Chain Offset: 0x00000000
        Command Sequence Number: 0
        Process Id: 000000d1
        Tree Id: 0x00000000
        Session Id: 0x0000000000000000
        Signature: 00000000000000000000000000000000
        [Response to: 8]
        [Time from request: 0.000697000 seconds]
    Negotiate Protocol Response (0x00)
        StructureSize: 0x0041
        Security mode: 0x01
            .... ..0. = Signing required: False
            .... ...1 = Signing enabled: True
        Dialect: 0x0202
        Server Guid: 1fdf9cc6-8cb9-4d2d-b517-903f142c0440
        Capabilities: 0x00000001
            .... .... .... .... .... .... .... ...1 = DFS: This host supports DFS
            .... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
            .... .... .... .... .... .... .... .0.. = LARGE MTU: This host does NOT support LARGE_MTU
            .... .... .... .... .... .... .... 0... = MULTI CHANNEL: This host does NOT support MULTI CHANNEL
            .... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
            .... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
            .... .... .... .... .... .... .0.. .... = ENCRYPTION: This host does NOT support ENCRYPTION
        Max Transaction Size: 65536
        Max Read Size: 65536
        Max Write Size: 65536
        Current Time: Jul 11, 2014 10:28:32.408713900 India Standard Time
        Boot Time: Jul 10, 2014 14:17:39.481258000 India Standard Time
        Security Blob: 602806062b0601050502a01e301ca01a3018060a2b060104...
            Offset: 0x00000080
            Length: 42
            GSS-API Generic Security Service Application Program Interface
                OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)
                Simple Protected Negotiation
                    negTokenInit
                        mechTypes: 2 items
                            MechType: 1.3.6.1.4.1.311.2.2.30 (NEGOEX - SPNEGO Extended Negotiation Security Mechanism)
                            MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP - Microsoft NTLM Security Support Provider)

No.     Time           Source                Destination           Protocol Length Info
13 0.007637000    107.109.224.197       107.109.224.147       SMB2     424    Session Setup Request, NTLMSSP_AUTH, User: ASHISH-PC\a.sangwan
Frame 13: 424 bytes on wire (3392 bits), 424 bytes captured (3392 bits) on interface 0
Ethernet II, Src: SMC_75:04:25 (00:80:0f:75:04:25), Dst: SamsungE_65:a9:b8 (e8:03:9a:65:a9:b8)
Internet Protocol Version 4, Src: 107.109.224.197 (107.109.224.197), Dst: 107.109.224.147 (107.109.224.147)
Transmission Control Protocol, Src Port: 51900 (51900), Dst Port: microsoft-ds (445), Seq: 231, Ack: 429, Len: 358
NetBIOS Session Service
SMB2 (Server Message Block Protocol version 2)
    SMB2 Header
        Server Component: SMB2
        Header Length: 64
        Credit Charge: 0
        Channel Sequence: 0
        Reserved: 0000
        Command: Session Setup (1)
        Credits requested: 3
        Flags: 0x00000000
            ..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
            ...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
            .... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
            .... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
            .... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
            .... .... .... .... .... .... .... ...0 = Response: This is a REQUEST
        Chain Offset: 0x00000000
        Command Sequence Number: 2
        Process Id: 000000d1
        Tree Id: 0x00000000
        Session Id: 0x0000040004000035 Acct:a.sangwan Domain:ASHISH-PC Host:
        Signature: 00000000000000000000000000000000
        [Response in: 14]
    Session Setup Request (0x01)
        StructureSize: 0x0019
            0000 0000 0001 100. = Fixed Part Length: 24
            .... .... .... ...1 = Dynamic Part: True
        Flags: 0
        Security mode: 0x01
            .... ..0. = Signing required: False
            .... ...1 = Signing enabled: True
        Capabilities: 0x00000000
            .... .... .... .... .... .... .... ...0 = DFS: This host does NOT support DFS
            .... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
            .... .... .... .... .... .... .... .0.. = LARGE MTU: This host does NOT support LARGE_MTU
            .... .... .... .... .... .... .... 0... = MULTI CHANNEL: This host does NOT support MULTI CHANNEL
            .... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
            .... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
            .... .... .... .... .... .... .0.. .... = ENCRYPTION: This host does NOT support ENCRYPTION
        Channel: 0
        Previous Session Id: 0x0000000000000000
        Security Blob: 4e544c4d5353500003000000000000004000000094009400...
            Offset: 0x00000058
            Length: 266
            NTLM Secure Service Provider
                NTLMSSP identifier: NTLMSSP
                NTLM Message Type: NTLMSSP_AUTH (0x00000003)
                Lan Manager Response: Empty
                NTLM Response: 24b41137ea2f959cba4ece78a831781d0101000000000000...
                NTLM Client Challenge: d92e2720ce844f24
                Domain name: ASHISH-PC
                User name: a.sangwan
                Host name: NULL
                Session Key: 38df3a4d60cc9e32ea0f18a824f69c55
                Flags: 0xa0880205
                    1... .... .... .... .... .... .... .... = Negotiate 56: Set
                    .0.. .... .... .... .... .... .... .... = Negotiate Key Exchange: Not set
                    ..1. .... .... .... .... .... .... .... = Negotiate 128: Set
                    ...0 .... .... .... .... .... .... .... = Negotiate 0x10000000: Not set
                    .... 0... .... .... .... .... .... .... = Negotiate 0x08000000: Not set
                    .... .0.. .... .... .... .... .... .... = Negotiate 0x04000000: Not set
                    .... ..0. .... .... .... .... .... .... = Negotiate Version: Not set
                    .... ...0 .... .... .... .... .... .... = Negotiate 0x01000000: Not set
                    .... .... 1... .... .... .... .... .... = Negotiate Target Info: Set
                    .... .... .0.. .... .... .... .... .... = Request Non-NT Session: Not set
                    .... .... ..0. .... .... .... .... .... = Negotiate 0x00200000: Not set
                    .... .... ...0 .... .... .... .... .... = Negotiate Identify: Not set
                    .... .... .... 1... .... .... .... .... = Negotiate Extended Security: Set
                    .... .... .... .0.. .... .... .... .... = Target Type Share: Not set
                    .... .... .... ..0. .... .... .... .... = Target Type Server: Not set
                    .... .... .... ...0 .... .... .... .... = Target Type Domain: Not set
                    .... .... .... .... 0... .... .... .... = Negotiate Always Sign: Not set
                    .... .... .... .... .0.. .... .... .... = Negotiate 0x00004000: Not set
                    .... .... .... .... ..0. .... .... .... = Negotiate OEM Workstation Supplied: Not set
                    .... .... .... .... ...0 .... .... .... = Negotiate OEM Domain Supplied: Not set
                    .... .... .... .... .... 0... .... .... = Negotiate 0x00000800: Not set
                    .... .... .... .... .... .0.. .... .... = Negotiate NT Only: Not set
                    .... .... .... .... .... ..1. .... .... = Negotiate NTLM key: Set
                    .... .... .... .... .... ...0 .... .... = Negotiate 0x00000100: Not set
                    .... .... .... .... .... .... 0... .... = Negotiate Lan Manager Key: Not set
                    .... .... .... .... .... .... .0.. .... = Negotiate Datagram: Not set
                    .... .... .... .... .... .... ..0. .... = Negotiate Seal: Not set
                    .... .... .... .... .... .... ...0 .... = Negotiate Sign: Not set
                    .... .... .... .... .... .... .... 0... = Request 0x00000008: Not set
                    .... .... .... .... .... .... .... .1.. = Request Target: Set
                    .... .... .... .... .... .... .... ..0. = Negotiate OEM: Not set
                    .... .... .... .... .... .... .... ...1 = Negotiate UNICODE: Set

No.     Time           Source                Destination           Protocol Length Info
14 0.008399000    107.109.224.147       107.109.224.197       SMB2     143    Session Setup Response, Error: STATUS_LOGON_FAILURE
Frame 14: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits) on interface 0
Ethernet II, Src: SamsungE_65:a9:b8 (e8:03:9a:65:a9:b8), Dst: SMC_75:04:25 (00:80:0f:75:04:25)
Internet Protocol Version 4, Src: 107.109.224.147 (107.109.224.147), Dst: 107.109.224.197 (107.109.224.197)
Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 51900 (51900), Seq: 429, Ack: 589, Len: 77
NetBIOS Session Service
SMB2 (Server Message Block Protocol version 2)
    SMB2 Header
        Server Component: SMB2
        Header Length: 64
        Credit Charge: 0
        NT Status: STATUS_LOGON_FAILURE (0xc000006d)
        Command: Session Setup (1)
        Credits granted: 1
        Flags: 0x00000001
            ..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
            ...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
            .... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
            .... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
            .... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
            .... .... .... .... .... .... .... ...1 = Response: This is a RESPONSE
        Chain Offset: 0x00000000
        Command Sequence Number: 2
        Process Id: 000000d1
        Tree Id: 0x00000000
        Session Id: 0x0000040004000035 Acct:a.sangwan Domain:ASHISH-PC Host:
        Signature: 00000000000000000000000000000000
        [Response to: 13]
        [Time from request: 0.000762000 seconds]
    Session Setup Response (0x01)
        StructureSize: 0x0009
            0000 0000 0000 100. = Fixed Part Length: 8
            .... .... .... ...1 = Dynamic Part: True
        Session Flags: 0x0000
            .... .... .... ..0. = Null: False
            .... .... .... ...0 = Guest: False
        Security Blob: <MISSING>: NO DATA
            Offset: 0x00000000
            Length: 0

Regards,
Ashish
On Thu, Jul 10, 2014 at 5:26 AM, Ashish Sangwan wrote:
> I am using kernel version 3.8.13 and windows 7.
>
> The below command works successfully:
> Linux#> mount -t cifs //107.109.224.147/sharefolder /mnt -o user=a.sangwan -o pass=xxxx -o vers=1.0 -o sec=ntlm
>
> Other than 1.0, all are fail:
> Linux#> mount -t cifs //107.109.224.147/sharefolder /mnt -o user=a.sangwan -o pass=xxxx -o vers=2.0 -o sec=ntlm
> [ 0][   64.276000] Status code returned 0xc000006d STATUS_LOGON_FAILURE
> [ 0][   64.284000] CIFS VFS: Send error in SessSetup = -13
>
> Tried with sec=ntlmv2/none/lanman/krb5, none of them worked.
> Help please!!ÿôèº{.nÇ+‰·Ÿ®‰­†+%ŠËÿ±éݶ¥Šwÿº{.nÇ+‰·¥Š{±ýÈŸ³ø§¶›¡Ü¨}©ž²Æ zÚ&j:+v‰¨þø¯ù®w¥þŠà2ŠÞ™¨è­Ú&¢)ß¡«a¶Úÿÿûàz¿äz¹Þ—ú+ƒùšŽŠÝ¢jÿŠwèþf
[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux