Caterpillar
Posts: 25 from 2010/10/12
I just spent quite some time trying to figure out why my MorphOS machine (and my Amiga 4000) didn't want to connect my Samba shares anymore, and thought this might be useful for others who might have upgraded samba recently.
After some digging around and getting samba to actually log something I could see that the password authentication failed, so I checked through the changelog of samba to see if they had changed anything and in the changelog for 4.5.0 I found this:
Code:
NTLMv1 authentication disabled by default
-----------------------------------------
In order to improve security we have changed
the default value for the "ntlm auth" option from
"yes" to "no". This may have impact on very old
clients which doesn't support NTLMv2 yet.
The primary user of NTLMv1 is MSCHAPv2 for VPNs and 802.1x.
By default, Samba will only allow NTLMv2 via NTLMSSP now,
as we have the following default "lanman auth = no",
"ntlm auth = no" and "raw NTLMv2 auth = no".
So I simply added these lines to my smb.conf:
Code:
lanman auth = yes
ntlm auth = yes
raw NTLMv2 auth = yes
And now everything works again! I guess not all of these are needed for smbfs but since I have blocked samba access from the outside I didn't really dig deeper.
