From 6f8711840e0a812ffa5140243d3adfe0aed64e98 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Fri, 23 Sep 2011 12:29:24 -0400 Subject: manpage: document sec=ntlmssp(i) and clean up discussion of signing Acked-by: Shirish Pargaonkar Signed-off-by: Jeff Layton --- mount.cifs.8 | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/mount.cifs.8 b/mount.cifs.8 index 64a8b64..81ebdbe 100644 --- a/mount.cifs.8 +++ b/mount.cifs.8 @@ -326,7 +326,7 @@ krb5 Use Kerberos version 5 authentication .sp -1 .IP \(bu 2.3 .\} -krb5i Use Kerberos authentication and packet signing +krb5i Use Kerberos authentication and forcibly enable packet signing .RE .sp .RS 4 @@ -348,7 +348,7 @@ ntlm Use NTLM password hashing (default) .sp -1 .IP \(bu 2.3 .\} -ntlmi Use NTLM password hashing with signing (if /proc/fs/cifs/PacketSigningEnabled on or if server requires signing also can be the default) +ntlmi Use NTLM password hashing and force packet signing .RE .sp .RS 4 @@ -370,10 +370,32 @@ ntlmv2 Use NTLMv2 password hashing .sp -1 .IP \(bu 2.3 .\} -ntlmv2i Use NTLMv2 password hashing with packet signing +ntlmv2i Use NTLMv2 password hashing and force packet signing +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ntlmssp Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message +.RE .sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ntlmsspi Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing .RE -[NB This [sec parameter] is under development and expected to be available in cifs kernel module 1\&.40 and later] +.sp +If the server requires signing during protocol negotiation, then it may be enabled automatically. Packet signing may also be enabled automatically if it's enabled in /proc/fs/cifs/SecurityFlags. .RE .PP nobrl -- cgit v1.2.3