potential threats

you are here :[ -->networks--> samba mini howto]

base || coding || networks || linux || contact

samba mini howto for the very impatient

this document describes the setup of the samba server and client under linux for the very impatient. it shows the reader how to access a windows box from linux and vice versa. it is based on debian/GNU linux, but apart from the package installation process it should also helpful for every other flavour of linux or unix. i used debian sarge/testing und samba 3.0.4. commands you need to type are written in italics .

I : accessing windows shares from linux

the tool you need for this is smbclient. it is a command line tool that provides a ftp-like syntax to access ressources on a windows server. let's start with installing it. under debian, it should be sufficient to do apt-get install smbclient. rpm -i smbclient or something like that should do the same under redhat, fedora, suse and other rpm-based distributions.

now, let's access drive C of a windows box named SHADOW with the IP :

spirit@threat $ smbclient //$ -U Administrator
Password : type password here
Domain=[SHADOW] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]
smb: \>

hint : if this doesn't work, make sure you have the firewall of the windows client turned off / configured properly and are using the correct username and password. do also remember that the administrator account may have been renamed.

note that you don't even need to setup a share for this method of accessing the windows box, because there is a default share named "driveletter$" for every drive. of course, you need the admin password of the windows box to access the c$, d$, and so on shares. btw, a $ behind the name of a share means that the share is invisible to clients requesting the list of share on the server. this means you need to know it's there to access it.

if you don't have the admin password for the windows box, you need to access a share someone explicitely set up on the box. make sure you have the username and password of a valid user for the share you want to access. assuming there is a share named music on the machine from the first example and the user dichtfux has the password secret and is allowed to access it, you would do :

spirit@threat $ smbclient // -U dichtfux
Password : secret
Domain=[SHADOW] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]
smb: \>

you may now issue ftp commands like ls, lcd, cd, get to navigate and access ressources. typing ? shows you all commands available, exit exits ;-).

hint : to get lots of files, it may be wise to zip them into an archive under windows, get the archive and unzip them under linux. you may need to install unzip for this to work under linux. simply do apt-get install unzip under debian. rpm -i unzip or something like that should do the same under redhat, fedora, suse and other rpm-based distributions.

if you don't feel like doing the zip/unzip-dance every time you want to access many files in a directory tree, you could do one of the following :

you could install smb4k (apt-get install smb4k), an X based graphical interface that allows you to browse the network for shares and other ressources.

you could apt-get install smbmount and mount the share by typing smbmount // /mnt -o username=dichtfux. you may then simply copy the stuff you want to your local hdd like this : cp -r /mnt/refused/ /home/spirit/music/.

to mount the samba share at boottime on your linux clients, adapt your /etc/fstab. add a line like this :

// /mnt/remote/router-smb smbfs credentials=/etc/samba/remote/router.cred 0 0

and create the credentials file, in this example /etc/samba/remote/router.cred. it should be owned by root, chmodded 0700 and contain 2 lines like :

user = username_here
password = password_here

II : offering a share for windows clients

of course, you need samba for this : apt-get install samba. this will install, setup and start samba. samba is configured to start automatically when the system is booted via the samba script in /etc/init.d/, not via inetd. if you don't want samba to run at bootup, remove the symlinks SXXsamba from /etc/rc3.d and /etc/rc5.d and KYYsamba from /etc/rc6.d. you may also rename /etc/init.d/samba , for example to /etc/init.d/_OFF_samba. removing the symlinks has the advantage that you may still start samba manually by typing /etc/init.d/samba start.

i would suggest you create a new user named share , set his login shell to /bin/false, create a home directory /home/share for him that will be shared.

the next step is to create a samba user named share :

smbpasswd -a share
New SMB password : password
Retype new SMB password : password
Added user share.

sharing the home directory of the user is archieved by editing /etc/samba/smb.conf appropriately and restarting the samba server afterwards. as the default settings of samba 3.0.4 are ok for what we intend to do, we simply add a share definition that looks like this to /etc/samba/smb.conf :

comment = linux smb share
path = /home/share
browsable = yes
read only = yes
write list = share

you may then restart the samba daemon :

/etc/init.d/samba restart

let's assume your linux box has the IP you may now access the share from the windows box by clicking [START]->run and entering \\\. you'll be prompted for the username and password and are then allowed access to the share.

if it doesn't work, check your firewall configuration. my complete smb.conf can be found here .

base || coding || networks || linux || contact