diff options
| author | Steve French <sfrench@us.ibm.com> | 2006-06-04 01:53:15 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2006-06-04 01:53:15 -0400 |
| commit | 254e55ed03e2e8d23089b4a468eec2fd2e1ead9b (patch) | |
| tree | af99361609403301ab1c758e2988e79dc155a710 /fs/cifs/README | |
| parent | bdc4bf6e8ac8cc29c61c2f0dc61d9776ef9a8ed4 (diff) | |
CIFS] Support for older servers which require plaintext passwords - part 2
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/README')
| -rw-r--r-- | fs/cifs/README | 32 |
1 files changed, 26 insertions, 6 deletions
diff --git a/fs/cifs/README b/fs/cifs/README index 0355003f4f0a..a68f8e3db2d2 100644 --- a/fs/cifs/README +++ b/fs/cifs/README | |||
| @@ -485,14 +485,34 @@ PacketSigningEnabled If set to one, cifs packet signing is enabled | |||
| 485 | it. If set to two, cifs packet signing is | 485 | it. If set to two, cifs packet signing is |
| 486 | required even if the server considers packet | 486 | required even if the server considers packet |
| 487 | signing optional. (default 1) | 487 | signing optional. (default 1) |
| 488 | SecurityFlags Flags which control security negotiation and | ||
| 489 | also packet signing. Authentication (may/must) | ||
| 490 | flags (e.g. for NTLM and/or NTLMv2) may be combined with | ||
| 491 | the signing flags. Specifying two different password | ||
| 492 | hashing mechanisms (as "must use") on the other hand | ||
| 493 | does not make much sense. Default flags are | ||
| 494 | 0x07007 | ||
| 495 | (NTLM, NTLMv2 and packet signing allowed). Maximum | ||
| 496 | allowable flags if you want to allow mounts to servers | ||
| 497 | using weaker password hashes is 0x37037 (lanman, | ||
| 498 | plaintext, ntlm, ntlmv2, signing allowed): | ||
| 499 | |||
| 500 | may use packet signing 0x00001 | ||
| 501 | must use packet signing 0x01001 | ||
| 502 | may use NTLM (most common password hash) 0x00002 | ||
| 503 | must use NTLM 0x02002 | ||
| 504 | may use NTLMv2 0x00004 | ||
| 505 | must use NTLMv2 0x04004 | ||
| 506 | may use Kerberos security (not implemented yet) 0x00008 | ||
| 507 | must use Kerberos (not implemented yet) 0x08008 | ||
| 508 | may use lanman (weak) password hash 0x00010 | ||
| 509 | must use lanman password hash 0x10010 | ||
| 510 | may use plaintext passwords 0x00020 | ||
| 511 | must use plaintext passwords 0x20020 | ||
| 512 | (reserved for future packet encryption) 0x00040 | ||
| 513 | |||
| 488 | cifsFYI If set to one, additional debug information is | 514 | cifsFYI If set to one, additional debug information is |
| 489 | logged to the system error log. (default 0) | 515 | logged to the system error log. (default 0) |
| 490 | ExtendedSecurity If set to one, SPNEGO session establishment | ||
| 491 | is allowed which enables more advanced | ||
| 492 | secure CIFS session establishment (default 0) | ||
| 493 | NTLMV2Enabled If set to one, more secure password hashes | ||
| 494 | are used when the server supports them and | ||
| 495 | when kerberos is not negotiated (default 0) | ||
| 496 | traceSMB If set to one, debug information is logged to the | 516 | traceSMB If set to one, debug information is logged to the |
| 497 | system error log with the start of smb requests | 517 | system error log with the start of smb requests |
| 498 | and responses (default 0) | 518 | and responses (default 0) |