According to the Samba Official Wiki the Linux cifs kernel client has been included in the kernel since kernel version 2.5.42.
SMB3 is the now the default dialect (SMB3.02/SMB3/SMB2.1 dialects are requested by default).
CIFS protocol (and other old dialects) can be selected (by specifying “vers=1.0” or “vers=2.02” in the mount options.
| vers=3.11 | SMB3_11 | Latest, more secure version. SMB3.11 can also be requested (vers=3.1.1). By default SMB3 selects the SMB3_11 variant. |
| vers=3.10 | SMB3_10 | Early Windows 10 technical preview. |
| vers=3.02 | SMB3_02 | Windows 8.1 |
| vers=3.0 | SMB3 | Windows 8, Windows Server 2012. Mostly the same as SMB2_24 |
| vers=2.24 | SMB2_24 | Windows 8 beta SMB2 version. |
| vers=2.22 | SMB2_22 | Early Windows 8 SMB2 version. |
| vers=2.1 | SMB2_10 | Windows 7, Windows Server 2008 R2. The default is SMB2 is selected. |
| vers=2.0 | SMB2_02 | Vista SP1, Windows Server 2008 |
| vers=1.0 | SMB1 | NT1 i.e. Windows 95, NT 4.0 |
Specify with “vers=” and consider that the Linux kernel does not fully support all of the features in these new SMB versions. The newest, most secure dialect, SMB3.11 can also be requested (vers=3.1.1).
Add the following lines to /etc/samba/smb.conf
TODO: Some of these may not work - so try different combinations. PETER=FIX this
server min protocol = SMB2 server max protocol = SMB3 client min protocol = SMB2 client max protocol = SMB3 min protocol = SMB2 max protocol = SMB3 protocol = SMB2 client ipc min protocol = SMB2
Edit smb.conf file:
Find the [global] section and append the following line:
... [global] ... min protocol = SMB2 ...
WannaCry can spread via SMBv2 as well:
The following gives best options:
client min protocol = SMB2 client max protocol = SMB3
Also this works well:
server min protocol = SMB2_10 client max protocol = SMB3 client min protocol = SMB2_10
Server:
min protocol = SMB2
Client:
smbclient -U=username -N –command=”dir Directory/*” //192.168.0.1/Directory
Error:
protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE
Try to Use:
protocol = SMB2