On 3/31/2022 7:52 PM, Enzo Matsumiya wrote:
Add FIPS 140-2 compliance information regarding mounting SMB shares.
Signed-off-by: Enzo Matsumiya <ematsumiya@xxxxxxx>
...
@@ -624,6 +628,9 @@ vers=arg
kernels prior to v4.13, the default was ``1.0``. For kernels
between v4.13 and v4.13.5 the default is ``3.0``.
+ For environments that requires FIPS 140-2 compliance, only version ``2.0`` or
+ or newer is allowed. See section `SECURITY`_ for more information.
Is SMB2 really FIPS compliant? Even if it is, a server that doesn't
support anything higher is obviously far out of date. I think it
would be better to recommend, or maybe even require, SMB3 here.
Tom.
