Date: Thu, 22 Jun 2017 20:14:09 -0400 From: Matt B <theunusualmatt@gmail.com> To: Rick Macklem <rmacklem@uoguelph.ca> Cc: "freebsd-fs@freebsd.org" <freebsd-fs@freebsd.org> Subject: Re: SMBv1 Deprecation Message-ID: <CALJ5sFnMWGAGS8oyUvzXfq_Z4ZeRzgs==EDZf%2BqO-4O269qdiw@mail.gmail.com> In-Reply-To: <YTXPR01MB01893E3AAB21A03677998D2FDDDB0@YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM> References: <CALJ5sFkKMGvhgRYzegikDTiTTyV1xtA_WYJW_gLkHFN9Oh0OqA@mail.gmail.com> <YTXPR01MB01893E3AAB21A03677998D2FDDDB0@YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
I totally understand. I try to support the FreeBSD Foundation with donations as often as I can as well as reporting bugs promptly as I am sure resources are spread thin. My skill set isn't really that of a programmer though. I am working right now at checking the Darwin/OS X code for mount_smbfs and other modules associated with smbfs in the hopes of possibly getting something viable for BSD, even if it has to be a port due to license issues. Progress is slow just due to lack of knowledge in the programming arena. On Thu, Jun 22, 2017 at 5:30 PM, Rick Macklem <rmacklem@uoguelph.ca> wrote: > Well, the short answer is...somebody has to do it. > (At this time, I believe that there are two people employed by > the FreeBSD Foundation to do FreeBSD kernel work.) > The rest of FreeBSD's development is done by volunteers > (some of which do the work for an employer and get permission > from the employer to upstream the work). > I, for example, do NFS as a hobby and always have, but to be honest, > there aren't many out there as stupid as I am and willing to do this;-) > > So, if you have the skills and time, feel free to do an implementation > and, so long it is appropriately licensed (no GPL or similar), I suspect > someone would be willing to work with you to get it into FreeBSD. > > If there is an SMBv2 implementation in one of the other BSDen > (NetBSD, OpenBSD,...) the port wouldn't be an immense amount > of work, but there are differences in the VFS and similar that will > need to be dealt with. > Otherwise, you are pretty much implementing it from scratch, using > the SMBv1 code as a starting point. > > rick > ________________________________________ > From: owner-freebsd-fs@freebsd.org <owner-freebsd-fs@freebsd.org> on > behalf of Matt B <theunusualmatt@gmail.com> > Sent: Thursday, June 22, 2017 3:36:14 PM > To: freebsd-fs@freebsd.org > Subject: SMBv1 Deprecation > > Long time user of FreeBSD here. I have been happily using the mount_smbfs > binary and in my fstab to mount Windows Shares on boot to be used by > various network services house on multiple FreeBSD systems. Sadly, it > appears these connections all use SMBv1 NT1 security to perform the mount > operation. With the new security landscape, post-WannaCry ransomware, in a > mixed-mode environment where all the shares live in Windows, that just > won't do. This has been discussed many times before in the past but there > hasn't been any headway AFAIK. Every other piece of software I have > encountered has moved away from this deprecated network protocol to the far > more secure versions of SMB to perform Windows share operations. As a stop > gap, I have implemented a very rudimentary NFS server advertising shares, > but configuring a Kerberos infrastructure and setting new accounts for each > and every service (not to mention the new permissions nightmares even with > Active Directory) on multiple BSD systems is arduous. Rather, I am > wondering why FreeBSD is behind the ball on the development? The other > Linux based systems I run required a simple addition of the vers=SMB2 flag > to the fstab entry to successfully mount. I understand the code base is > very old for the mount_smbfs, but what is the way forward here? NFS is > simply a workaround as far as I am concerned and every other *nix style > distro seems to play nice with SMB. Is there an ETR on this greatly needed > and long overdue update to mount newer style SMB shares? > _______________________________________________ > freebsd-fs@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALJ5sFnMWGAGS8oyUvzXfq_Z4ZeRzgs==EDZf%2BqO-4O269qdiw>