From owner-freebsd-arch@freebsd.org Mon Nov 26 18:04:07 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B8113113ECE4 for ; Mon, 26 Nov 2018 18:04:07 +0000 (UTC) (envelope-from SRS0=Kso7=OF=quip.cz=000.fbsd@elsa.codelab.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 046C0804B9 for ; Mon, 26 Nov 2018 18:04:07 +0000 (UTC) (envelope-from SRS0=Kso7=OF=quip.cz=000.fbsd@elsa.codelab.cz) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 61A6128411; Mon, 26 Nov 2018 18:57:33 +0100 (CET) Received: from illbsd.quip.test (ip-86-49-16-209.net.upcbroadband.cz [86.49.16.209]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 85B5C28417; Mon, 26 Nov 2018 18:57:32 +0100 (CET) Subject: Re: Removal or updating of "mount_smbfs" from FreeBSD operating system To: Gerard Seibert , freebsd-arch@freebsd.org References: <20181126121926.00007626@seibercom.net> From: Miroslav Lachman <000.fbsd@quip.cz> Message-ID: <992c395a-d29e-3f71-9750-b0cbdf2761f4@quip.cz> Date: Mon, 26 Nov 2018 18:57:32 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.3 MIME-Version: 1.0 In-Reply-To: <20181126121926.00007626@seibercom.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 046C0804B9 X-Spamd-Result: default: False [3.66 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FORGED_MUA_SEAMONKEY_MSGID_UNKNOWN(2.50)[]; NEURAL_HAM_MEDIUM(-0.57)[-0.571,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.42)[0.419,0]; IP_SCORE(0.00)[country: CZ(0.02)]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[quip.cz]; AUTH_NA(1.00)[]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: elsa.codelab.cz]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[4.105.124.94.list.dnswl.org : 127.0.10.0]; NEURAL_SPAM_LONG(0.12)[0.119,0]; R_SPF_NA(0.00)[]; FORGED_SENDER(0.30)[000.fbsd@quip.cz,SRS0=Kso7=OF=quip.cz=000.fbsd@elsa.codelab.cz]; RECEIVED_SPAMHAUS_PBL(0.00)[209.16.49.86.zen.spamhaus.org : 127.0.0.11]; R_DKIM_NA(0.00)[]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:42000, ipnet:94.124.104.0/21, country:CZ]; FROM_NEQ_ENVFROM(0.00)[000.fbsd@quip.cz,SRS0=Kso7=OF=quip.cz=000.fbsd@elsa.codelab.cz]; MID_RHS_MATCH_FROM(0.00)[] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Nov 2018 18:04:07 -0000 Gerard Seibert wrote on 2018/11/26 18:19: > TO WHOM IT MAY CONCERN > > The “SMBv1” protocol is a security hazard and was depreciated by Microsoft in > 2014. There is virtually no use for it anymore. > > The “mount_smbfs” utility in FreeBSD only uses that protocol, which results > in making it useless with newer versions of Microsoft’s operating systems, as > well as other OS’s that have depreciated the use of SMBv1. > > I would like to suggest that FreeBSD do one of the following: > > 1) Remove “mount_smbfs” from FreeBSD. This would probably be in versions 12.1 > or 13. It is perhaps too late to get into FreeBSD 12. > > 2) Update “mount_smbfs” so that it is compatible with versions SMBv3 and > greater. While "SMBv2" is not dead, it is definitely comatose. This would be a > better idea if someone had the time to do it. > > Thank you for taking the time to read this suggestion. Is there any working (production ready) alternative in ports tree? We are in heterogenous environment and some of our servers have more than 10 SMB shares mounted by mount_smbfs. Kind regards Miroslav Lachman