On Wed, Feb 7, 2024 at 11:38 AM Steve French <smfrench@xxxxxxxxx> wrote:
>
> smb3: clarify mount warning
>
> When a user tries to use the "sec=krb5p" mount parameter to encrypt
> data on connection to a server (when authenticating with Kerberos), we
> indicate that it is not supported, but do not note the equivalent
> recommended mount parameter ("sec=krb5,seal") which turns on encryption
> for that mount (and uses Kerberos for auth). Without an updated
> mount warning
> it could confuse some NFS users. Note that for SMB3+ we support
> encryption,
> but consider it ("seal") a distinct mount parameter since the same
> user may choose
> to encrypt to one share but not another from the same client.
> Update the warning message
> to reduce confusion.
>
> See attached.
> --
> Thanks,
>
> Steve
Looks good to me.
--
Regards,
Shyam
