mount from tumbleweed to a win 98 shared folder
Hi, in a local network from tumbleweed, i must have one or two times a year (or less) access to a windows 98 system running at a mechanical machine (no way to update). up to maybe last year (maybe the year before) this line was ok inside my automount file: plasma_c -fstype=cifs,username=yyyyyyyy,password=xxxxxx,uid=1000,gid=100,vers=1.0,sec=lanman,servern=yyyyyyy ://192.168.0.4/C i know sambafilesystem has disabled, oder meanwhile maybe drop unsecure lanman and maybe other things. so i got a error: kernel: Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers kernel: CIFS: VFS: Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers kernel: bad security option: lanman kernel: CIFS: VFS: bad security option: lanman is there a way to still access win98 from actual cifs/samba ???? man mount.cifs say: sec=arg Security mode. Allowed values are: • none - attempt to connection as a null user (no name) • krb5 - Use Kerberos version 5 authentication • krb5i - Use Kerberos authentication and forcibly enable packet signing • ntlm - Use NTLM password hashing • ntlmi - Use NTLM password hashing and force packet signing • ntlmv2 - Use NTLMv2 password hashing • ntlmv2i - Use NTLMv2 password hashing and force packet signing • ntlmssp - Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message • ntlmsspi - Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing i tried ntlm: kernel: bad security option: ntlm kernel: CIFS: VFS: bad security option: ntlm then i tried none and i tried to do not use the "sec=...": kernel: CIFS: Attempting to mount \\192.168.0.4\C kernel: CIFS: VFS: cifs_mount failed w/return code = -13 ok, this could be, because in wind98 a username and password is set. did anybody know how to disable username and password in win98 (if this could work) or get access to the win98 shared folder with actual cifs/samba with the username/password on the win98 side ? and yes, google is not my friend, i found nothing useful. simoN -- www.becherer.de ----------------------------------------------- - Das ist die vorlaeufig endgueltige Version! - Herbert C. Maier Dipl.-Ing. (FH) -----------------------------------------------
Don't you already have the credentials? (See below): On 7/23/2022 2:02 PM, Simon Becherer wrote:
up to maybe last year (maybe the year before) this line was ok inside my automount file:
plasma_c -fstype=cifs,username=yyyyyyyy,password=xxxxxx,uid=1000,gid=100,vers=1.0,sec=lanman,servern=yyyyyyy ://192.168.0.4/C
If you don't and have legitimate access to the Win98 machine, you could always modify the share to change the credentials or add a user to the share. On 7/23/2022 2:02 PM, Simon Becherer wrote:
up to maybe last year (maybe the year before) this line was ok inside my automount file:
plasma_c -fstype=cifs,username=yyyyyyyy,password=xxxxxx,uid=1000,gid=100,vers=1.0,sec=lanman,servern=yyyyyyy ://192.168.0.4/C
On 23.07.2022 21:02, Simon Becherer wrote:
Hi,
in a local network from tumbleweed, i must have one or two times a year (or less) access to a windows 98 system running at a mechanical machine (no way to update).
up to maybe last year (maybe the year before) this line was ok inside my automount file:
plasma_c -fstype=cifs,username=yyyyyyyy,password=xxxxxx,uid=1000,gid=100,vers=1.0,sec=lanman,servern=yyyyyyy ://192.168.0.4/C
i know sambafilesystem has disabled, oder meanwhile maybe drop unsecure lanman and maybe other things.
so i got a error:
kernel: Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers kernel: CIFS: VFS: Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers kernel: bad security option: lanman kernel: CIFS: VFS: bad security option: lanman
is there a way to still access win98 from actual cifs/samba ????
man mount.cifs
say:
sec=arg Security mode. Allowed values are:
• none - attempt to connection as a null user (no name)
• krb5 - Use Kerberos version 5 authentication
• krb5i - Use Kerberos authentication and forcibly enable packet signing
• ntlm - Use NTLM password hashing
• ntlmi - Use NTLM password hashing and force packet signing
• ntlmv2 - Use NTLMv2 password hashing
• ntlmv2i - Use NTLMv2 password hashing and force packet signing
• ntlmssp - Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message
• ntlmsspi - Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
i tried ntlm:
kernel: bad security option: ntlm kernel: CIFS: VFS: bad security option: ntlm
I do not know what kernel version you are using, but commit 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c Author: Ronnie Sahlberg <lsahlber@redhat.com> Date: Thu Aug 19 20:34:58 2021 +1000 cifs: remove support for NTLM and weaker authentication algorithms for SMB1.
then i tried none and i tried to do not use the "sec=...":
kernel: CIFS: Attempting to mount \\192.168.0.4\C kernel: CIFS: VFS: cifs_mount failed w/return code = -13
ok, this could be, because in wind98 a username and password is set.
did anybody know how to disable username and password in win98 (if this could work)
I guess that question is better asked on Microsoft forums
or get access to the win98 shared folder with actual cifs/samba with the username/password on the win98 side ?
Use smbclient?
On 23.07.22 20:02, Simon Becherer wrote:
i tried ntlm:
kernel: bad security option: ntlm kernel: CIFS: VFS: bad security option: ntlm
As far as I know you have to enable ntlm2 on Windows 98 first as described by Microsoft: <https://docs.microsoft.com/en-us/troubleshoot/windows-client/windows-security/enable-ntlm-2-authentication>
On 24.07.2022 10:48, Markus Koßmann wrote:
On 23.07.22 20:02, Simon Becherer wrote:
i tried ntlm:
kernel: bad security option: ntlm kernel: CIFS: VFS: bad security option: ntlm
As far as I know you have to enable ntlm2 on Windows 98 first as described by Microsoft:
This describes client side and requires additional package (active directory client extensions) which is most likely no more available. As I already said, the question is better directed to Windows experts, but I do not remember a single response "enable NTLMv2 on Windows 98" to the question "I cannot access Windows 98 share from Windows 7/8/10/...". But of course testing it would be interesting.
Am 24.07.22 um 11:58 schrieb Andrei Borzenkov:
On 24.07.2022 10:48, Markus Koßmann wrote:
On 23.07.22 20:02, Simon Becherer wrote:
i tried ntlm:
kernel: bad security option: ntlm kernel: CIFS: VFS: bad security option: ntlm
As far as I know you have to enable ntlm2 on Windows 98 first as described by Microsoft:
This describes client side and requires additional package (active directory client extensions) which is most likely no more available. As I already said, the question is better directed to Windows experts, but I do not remember a single response "enable NTLMv2 on Windows 98" to the question "I cannot access Windows 98 share from Windows 7/8/10/...".
But of course testing it would be interesting.
Hi all, ok, i tested on a other windows98 system: from this (german) side who claim to be a side for old operating systems to save downloads and howtos: https://www.creopard.de/download/detail/dsclient/51.htm (scanned with virustotal) i installed the "active directory client" what should be after registry change, enable ntlmv2 but i was not able to connect. no idea what was wrong, (maybe my mount.cifs options ??) VFS: Unable to select appropriate authentication method! i think i remember there was a tool or a option to check what authentication methode cifs/samba server provide. but i did not find the command/tool any more, if somebody know how to check i will see if windows provide now some more modern connection method than lanman after this update. ===================================== so i tested second posibility: removed the password for the windows drive. and with the mount option vers=1.0,sec=none i was able to connect. so for me the problem is solved. -- www.becherer.de ----------------------------------------------- - Das ist die vorlaeufig endgueltige Version! - Herbert C. Maier Dipl.-Ing. (FH) -----------------------------------------------
participants (4)
-
Andrei Borzenkov -
joe a -
Markus Koßmann -
Simon Becherer