I’ve been using Fedora since v10 and have never had any problems, but on doing a fresh install of Fedora 34 on a new machine, I find it will not support my Buffalo Terastation NAS drives, which use Samba 1.
I have since found that somebody somewhere has decided that this is a “security risk” - who to, exactly…? This is my network, I am the system admin, surely I should be the one to decide what I consider a security risk or not…? I have excellent software and hardware firewalls in place, probably the NSA or GCHQ could hack into my system if they wanted to, but I don’t think it wouldn’t be all that easy for the average Joe.
I want my network drives back…! I don’t see that I should be forced to go out and buy new hardware that supports a later version of smb in order to access data that is sitting on hard drives that I can see from my chair.
I am not a happy bunny. If I can’t get access to my drives again, I may well decide Fedora isn’t for me. Maybe there is another distro out there that will do what I want, maybe not, and if there isn’t I’ll have to stump up the cash for new NAS drives. But I really don’t see why I should have to based on the arbitrary decision of someone who has no knowledge of even the existence of my system, much less how I use it.
I don’t think that changing distribution will solve your issue. As far as I know, even Ubuntu (at least starting with 18.04) can’t access smb1 shares by default. Even Windows itself has smb1 disabled. Maybe installing a dated system you would be fine, but…
BTW you should look around the web, for some smb.conf options. I remember an option called spnego, or/and something like min version.
Thanks for the reply, I did manage to get it working on a Win10 installation I use occasionally, so I know it can be done, I’m just struggling to understand why someone who doesn’t even know of my existence should make an arbitrary decision that denies me access to my own hardware.
I’ll look for the things you mention, thanks. Sorry if I appear to sound off, but I get really angry about things like this.
Well. Generally I would blame hardware vendors that in a couple of years put their products in End Of Life and they don’t release new updated firmwares with the latest security fixes and up to date standards.
SMBv1 is not only easily exploitable but there are tons of active exploits which target this vulnerability. Not having it disabled by default would be completely irresponsible.
That being said if you want to enable it on your system go for it. I think it is a terrible idea so I am not going to post in the forum how but a quick search on enable samba smbv1 should yield what you are looking for.
Thanks, I have now figured it out. Sorry if I sounded a little hot under the collar, but I do resent someone else deciding what is a security risk on someone else’s system.
Advise, yes. Warn, yes. But deny access, no. Make it opt-in when installing, perhaps…?
Very annoying for people who have hardware or software that requires it, but when Microsoft’s SMB guy literally begs people to stop using SMB1 since at least 2016 maybe there’s a good reason.
Why not review the software in your NAS and update it to use the newer samba version. That then would be the best solution. The NAS having only SMBv1 available seems unlikely, but it uses it for universal access on older software on the PCs.
I see that even some of the newer NASes on the market tout samba v1 and people who are not savvy with the current state of samba and the world still buy them that way. Most people at home are reasonably safe from that attack, but hackers can break through the router & its firewall then they become fair game.
I don’t use Microsoft. Well only occasionally on a standalone laptop for programming 2-way radios.
I just don’t see why I should have to spend $$$ on a new NAS when the old one is still perfectly serviceable (I have several spare HDD’s for the RAID5 array and in 15 years I’ve only ever had to replace one of them).
Yes, they’re old. So am I. But both of us still work and we like one another.
You got it working, so you really don’t need to replace it. My comment was for thought and possible advice for others reading this thread.
I haven’t bought an NAS for myself since it is difficult to do without being forced to use samba for access. I would much rather use a linux protocol such as NFS and have the drives formatted to ext4 on my NAS so am still looking for what I can use to do that without a major investment in config, time, and $. I may eventually re-purpose one of my older PCs and just a jbod case of drives using mdadm to do that.
They may do so but certainly do not advertise such in the marketing data. I have looked at both Synology and Qnap info and cannot find any references to ext4 / nfs storage.
Would like to know what your workaround was? Did you make Fedora using SMBv1 or did you make a change on your Buffalo NAS?
For the second one a link : https://www.youtube.com/watch?v=bVOx2COnqxg