SAMBA newbie
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Thu Mar 10 11:21:20 PST 2005
David Larkin <david.larkin at djl.co.uk> writes:
> On Thu, 10 Mar 2005 18:59:32 +0000
> David Larkin <david.larkin at djl.co.uk> wrote:
>
> > On Fri, 11 Mar 2005 02:15:28 +0900
> > Luke Kearney <lukek at meibin.net> wrote:
> >
> > >
> > > On Thu, 10 Mar 2005 18:28:52 +0000
> > > David Larkin <david.larkin at djl.co.uk> spake thus:
> > >
> > > > I have a FreeBSD 5.3 machine and a Windoze XP box.
> > > >
> > > > I am the only user of both.
> > > >
> > > > I don't want to share files or act as a full time fileserver.
> > > >
> > > > I simply wish to exchange files ocassionally, e.g. copy FreeBSD backup files to the XP box to burn on CD.
> > > >
> > > > I used to use anon ftp for this type of thing but found the security a nightmare. I've now installed Samba on the FreeBSD box , but I'm not sure this is a good idea.
> > > >
> > > > Can I set up a 'sandbox' directory on my FreeBSD machine where both machines can read and write ?
> > > >
> > > > After installing samba and setting the workgroup in smb.conf, i can now see the FREEBSD box in 'view workgroup computers' but clicking on that I am asked for a username/password , which i'm reluctant to give.
> > > >
> > > > Any advice ?
> > > > _______________________________________________
> > >
> > >
> > > Hello,
> > > If you take a look at the documentation you will find that you have
> > > several options, you can encrypt the passwds, you could set up a guest
> > > account with no passwd but restrict access to a particular filesystem to
> > > think of but two.
> > >
> > > HTH
> > >
> > > LukeK
> > >
> >
> > Thanks, I don't want to use any passwords, enrypted or otherwise
> >
> > The guest account sounds interesing.
> >
> > I've commented out the following in smb.conf
> >
> > # This one is useful for people to share files
> > [tmp]
> > comment = Temporary file space
> > path = /tmp
> > read only = no
> > public = yes
> >
> >
> > should this allow everyone on both machines to write to the /tmp directory but not execute anything there ?
> >
> > I still get challenged for a username/password on the XP directory.
> > guest/guest and nobody/nobody both fail
> >
>
> OK, I got that to work by changing the line
> security = user
>
> to
>
> security = share
>
>
> Is this safe ?????
It isn't necessarily *that* bad security-wise, but if anyone else
might get access to the network over which they are communicating,
they could make trouble. On my own home network, I have mitigated
(but not eliminated) this problem by making a very small filesystem
just for this Samba share. [I built the filesystem from file-backed
mdmfs(8).] And make *very* sure that your Samba is not reachable from
other networks.
If you're really the only user of both systems, I would expect ssh
(with public key authentication, to avoid the passwords you said you
didn't want to type) would be easier (because it will work in either
direction, from either machine). But that depends on your actual
usage patterns, of course.
--
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
More information about the freebsd-questions
mailing list