Changes

Linux CIFS Utils and Samba

7,080 bytes added, 06:27, 14 June 2021
/* Accessing Windows Shares: Discussion */
The following lines were added (+) and removed (-):
Another example for a modern NAS sudo mount -t cifs -o user=nicolep,uid=1001 //apollo/documents /mnt/documents''She will be prompted for a password when she executes this command for sudo, and again for the SMB account password for her account nicolep.  Also, the uid is set matching her local account in /etc/passwd so that the mounted share does not appear with all files and directories as owner root, thus they would have not been writable to her.''error: mount.cifs: bad UNC (/apollo/documents)  <- if you are getting this error make sure you have two forward slashes on the path //apolloUnmount when done sudo umount //apollo/nicolepTo quickly unmount all your cifs mounts (if the network file server goes down or NAS is offline your system can hang unless you release the mounts) sudo umount -a -t cifs -l=== Slightly improved security with credentials=filename ===You can now Substitute your Windows username and password in the fstab command by specifying "credentials."  Then file permissions can be used to restrict read access to the still plain text passwords in the credentials file.  using credentials=filename specifies a file that contains a username and/or password. This is preferred over having passwords in plaintext in a shared file, such as /etc/fstab. Be sure to protect any credentials by saving the file (as root) to /root/, and chmod 600. cd echo username=mywindowsusername > /root/.smbpasswd echo password=mywindowspassword >> /root/.smbpasswd chmod 600 /root/.smbpasswdThen in fstab credentials=/root/.smbpasswdAn example of the fstab entry: //apollo/video/ /mnt/video cifs defaults,vers=1.0,domain=workgroup,credentials=/root/.smbpasswd,iocharset=utf8,sec=ntlm 0 0This is only the basic level of security that standard file ownership and permissions provide.  It is not possible to encrypt the username or password. smbclient needs access to the plaintext password in order to mount the share.  
Although the SMB/CIFS session is typically negotiated without sending the unencrypted password across the network, the client still needs access to the plaintext password in order to properly encrypt it during the authentication phase.=== No dialect specified on mount ===When attempting to 'mount -a' against your /etc/fstab you see a system generated error mount error(22): Invalid argument Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)Further analysis by looking at kern.log tail -f  /var/log/kern.logReveals the following error message kernel: [86079.045389] No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3 (or SMB2.1) specify vers=1.0 on mount. kernel: [86079.065167] CIFS VFS: Unable to select appropriate authentication method! kernel: [86079.065176] CIFS VFS: Send error in SessSetup = -22 kernel: [86079.065219] CIFS VFS: cifs_mount failed w/return code = -22You can always specify a version of SMB  //apollo/video/ /mnt/video cifs defaults,vers=1.0,domain=workgroup,username=nicolep,password=mythtv,iocharset=utf8,sec=ntlm 0 0In this example it is specified that the oldest version, SMB 1.0, is specified because the file server is old and runs 1.0.Most NAS devices as of 2020 support SMB 1 through SMB 3.* SMB 1, SMB 2, SMB 2.1, SMB 3We can use a more simplified format that avoids certain parameters being incompatible with the kernel's preferred SMB version. //apollo/home /mnt/nicolep cifs defaults,domain=workgroup,username=nicolep,password=mythtv,uid=1002Note that we specified the uid of the user, which is the uid in /etc/passwd.  Without specification of the uid the file system will seem "read only" to the user as owner and group on the mount point will be root when the uid is not specified.Another note: we put the username and password in fstab in an insecure way.  
An evolution offering slightly better security is available using a so-called credentials file.#Using the mount command in a script (which prompts user for password when executed)HIGHLY RECOMMENDED - As a means to mount NAS and network shares without having to edit fstab or hard coding passwords.  More reliable than file manager tools like the one in Nautilus.RECOMMENDED - As a means to mount NAS and network shares without having to edit fstab or hard coding passwords.  More reliable than file manager tools like the one in Nautilus.PROBLEMS - The problem with Gigolo is that it mounts shares using smb paths.  Linux application support for smb paths is mostly broken.  For this reason we are left with the problem of either exposing our password in the fstab file or using gigolo aka smb paths to access network shares and find a lot of applications can't reach the files.  Com'on devs! This is CRAP.PROBLEMS - The problem with Gigolo is that it mounts shares using smb paths.  Linux application support for smb paths is mostly broken.  For this reason we are left with the problem of either exposing our password in the fstab file or using gigolo aka smb paths to access network shares and find a lot of applications can't reach the files.  Gigolo uses gvfs-mount as in ( gvfs-mount smb:// ) which results in unwieldy mount points. You will get a mount point that looks like ) /run/user/your-user-name/gvfs/smb-share:server=host_name,share=share_name ) and there's not a damn thing you can do about it.== resources ===== AutoFS can be used to replace Gigolo ===AutoFS is a utility that allows a user to automatically connect to, mount, and use a samba share when the desired mount point is accessed and disconnects when not in use. It offers some distinct advantages over other methods. 
Unlike the standard fstab method there is no delay in booting the machine if the target server is not present and because of the way it designed there is no delay if the server goes down before you logoff the client.Ubuntu users may wish to read [https://wiki.ubuntu.com/MountWindowsSharesPermanently See [https://forums.linuxmint.com/viewtopic.php?f=42&t=144997 HowTo: Auto Mounting Samba Shares Using AutoFS] for details.MountWindowsSharesPermanently] on the Ubuntu Wiki. It is a guide to how to mount CIFS shares permanently.The autofs filesystem module is only one part of an autofs system. There also needs to be a user-space program which looks up names and mounts filesystems. This will often be the "automount" program, though other tools including systemd can make use of autofs. Then autofs is a Linux kernel module with provides the autofs ilesystem type.  Auto-mounts are mounted only as they are accessed, and are unmounted after a period of inactivity. Because of this, automounting NFS/Samba shares conserves bandwidth and offers better overall performance compared to static mounts via fstab.#automount is the program used to configure a mount point for autofs. When autofs is started, an automount daemon is spawned for each map.#Auto-mount or auto-mounting refers to the process of automatically mounting filesystems.#autofs is the program that controls the operation of the automount daemons.  Install the autofs package either by clicking here or entering the following in a terminal window: sudo apt install autofsTo configure autofs you will need to edit configuration files.  The master configuration file for autofs is /etc/auto.master by default. When specifying a CIFS share in a map file, specify -fstype=cifs and precede the share location with a colon (:). 
mntpoint -fstype=cifs ://example.com/shrnameExample: Mount read-write, specifying a user and group to own the files: mntpoint -fstype=cifs,rw,uid=myuserid,gid=mygrpid ://example.com/shrnameExample: Mount read-write, specifying a username and password to use to connect to the share: mntpoint -fstype=cifs,rw,username=myuser,password=mypass ://example.com/shrname=== mount via a shell script ===A method of using the mount command in a shell script which will prompt the user for passwords.  Doing this in a startup script will require some method of timeout as it could hold up system loading final.Better to have a command to launch script when shares are neededBased on executing the mount command in this fashion sudo mount -t cifs -o username=nicolep //servername/public /mnt/public== resources ==Ubuntu users may wish to read [https://wiki.ubuntu.com/MountWindowsSharesPermanently MountWindowsSharesPermanently] on the Ubuntu Wiki.  It is a guide to how to mount CIFS shares permanently.* [[Smbclient notes]]* [[Example of cfis fstab]]
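Review bot: In the "Slightly improved security with credentials=filename" section, the password is passed as an argument to echo and chmod 600 runs only after the password has already been written to /root/.smbpasswd. Typing it this way normally leaves the password in root's shell history. Suggest creating the empty file first, applying chmod 600, and then adding the username= and password= lines in an editor. The bare "cd" in front of the first echo does nothing useful and, as rendered, reads as part of that command. The closing paragraph says "smbclient needs access to the plaintext password in order to mount the share", but every mount in this change goes through mount -t cifs, and the page itself points to mount.cifs(8), so the sentence should name mount.cifs.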
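Review bot: The "simplified format" fstab entry in "No dialect specified on mount" still carries "username=nicolep,password=mythtv" inline, even though the same change introduces credentials= to keep passwords out of /etc/fstab. Suggest that entry use credentials=/root/.smbpasswd so the example readers are most likely to copy is the safer one. The credentials example combines vers=1.0 with sec=ntlm, which the quoted kernel message calls the less secure SMB1 dialect; it should be labelled as being for old servers only, with a second example that omits vers= for current NAS devices. Two inconsistencies in the same region: nicolep is given uid=1001 in the mount command but uid=1002 in the fstab entry, and the unmount example targets //apollo/nicolep although the share mounted just above it is //apollo/documents on /mnt/documents.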
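Review bot: The AutoFS section describes autofs in conflicting ways: as "a Linux kernel module with provides the autofs ilesystem type", as "the program that controls the operation of the automount daemons", and as the package installed with apt. Suggest one definition per term (kernel module, automount daemon, package), and fix "with provides" to "which provides" and "ilesystem" to "filesystem". The third map example places "username=myuser,password=mypass" directly in the map file; the section should show credentials= there, as the fstab section does, or state who can read the map file. "Install the autofs package either by clicking here" has no link target in the text, and "[[Example of cfis fstab]]" looks like a misspelling of cifs unless that is the actual title of the target page.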