General Information
Creating Samba server file shares (CIFS) and mounting CIFS shares on Linux.
Checklist
yum install samba samba-client
systemctl enable smb
systemctl start smb
smbpasswd -a sambauser1
Settings to configure globally and at the share level
/etc/samba/smb.conf
[global] dns proxy = no server string = Samba Server %v min protocol = SMB2 max protocol = SMB3 workgroup = WORKGROUP log file = /var/log/samba/%m.log max log size = 50 ##-- Security --## # Only allow the 192.168.1.* network globally to any share hosts allow = 192.168.1. security = user passdb backend = tdbsam encrypt passwords = yes client plaintext auth = no #-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --# server signing = mandatory #-- smb encrypt: Requires Win8/10/Server2012 or newer clients due to smbv3 --# #smb encrypt = mandatory [share_name] path = /path_to_share valid users = sambauser1, sambauser2 browsable = yes guest ok = no read only = yes #- Allow only hosts on certain networks only (192.168.1.*) for this share-# hosts allow = 192.168.1. 127.0.0.1
Config File Help
vim /etc/samba/smb.conf.example And man smb.conf
[Optional] Test samba config syntax
testparm
Restart the samba service
systemctl restart smb
Test the samba share
smbclient -L //localhost -U sambauser1
yum install -y cifs-utils samba-client
smbclient -L <remote-cifs-server>
mkdir -p /data/shared/<cifs-share-name>
mkdir /root/.ssh chmod 700 /root/.ssh
touch /root/.ssh/.<cifs-share-name> chmod 600 /root/.ssh/.<cifs-share-name>
vim /root/.ssh/.<cifs-share-name> username=<user> password=<password_here> domain=<domain>
vim /etc/fstab //<remote-cifs-server>/<sharename> /data/shared/<cifs-share-name> cifs auto,credentials=/root/.ssh/.<cifs-share-name>,_netdev,uid=<user>,gid=<users>,rw 0 0
mount -a