Hi all,
Long time user of FreeBSD here. I have been happily using the mount_smbfs binary and in my fstab to mount Windows Shares on boot to be used by various network services house on multiple FreeBSD systems. Sadly, it appears these connections all use SMBv1 NT1 security to perform the mount operation. With the new security landscape, post-WannaCry ransomware, in a mixed-mode environment where all the shares live in Windows, that just won't do. This has been discussed many times before in the past and I even lodged a bug report right at about 5 years ago regarding the reliance on NetBIOS to mount SMB shares from FreeBSD. Every other piece of software I have encountered has moved away from this deprecated network protocol to the far more secure versions of SMB to perform Windows share operations. As a stop gap, I have implemented a very rudimentary NFS server advertising shares, but configuring a Kerberos infrastructure and setting new accounts for each and every service (not to mention the new permissions nightmares even with Active Directory) on multiple BSD systems is arduous. Rather, I am wondering why FreeBSD is behind the ball on the development? The other Linux based systems I run required a simple addition of the vers=SMB2 flag to the fstab entry to successfully mount. I understand the code base is very old for the mount_smbfs, but what is the way forward here? NFS is simply a workaround as far as I am concerned and every other *nix style distro seems to play nice. Is there an ETR on this greatly needed and long overdue update to mount newer style SMB shares?
Thanks!
Long time user of FreeBSD here. I have been happily using the mount_smbfs binary and in my fstab to mount Windows Shares on boot to be used by various network services house on multiple FreeBSD systems. Sadly, it appears these connections all use SMBv1 NT1 security to perform the mount operation. With the new security landscape, post-WannaCry ransomware, in a mixed-mode environment where all the shares live in Windows, that just won't do. This has been discussed many times before in the past and I even lodged a bug report right at about 5 years ago regarding the reliance on NetBIOS to mount SMB shares from FreeBSD. Every other piece of software I have encountered has moved away from this deprecated network protocol to the far more secure versions of SMB to perform Windows share operations. As a stop gap, I have implemented a very rudimentary NFS server advertising shares, but configuring a Kerberos infrastructure and setting new accounts for each and every service (not to mention the new permissions nightmares even with Active Directory) on multiple BSD systems is arduous. Rather, I am wondering why FreeBSD is behind the ball on the development? The other Linux based systems I run required a simple addition of the vers=SMB2 flag to the fstab entry to successfully mount. I understand the code base is very old for the mount_smbfs, but what is the way forward here? NFS is simply a workaround as far as I am concerned and every other *nix style distro seems to play nice. Is there an ETR on this greatly needed and long overdue update to mount newer style SMB shares?
Thanks!
I hope something is done in early 2018 to maybe save these systems from getting ported.