![]() Look, it may also work on other desktop environments, but I haven't tested it yet. Why weren't other desktop environments tested? And that's fine, but this script has only been tested on Ubuntu and Pop OS. Should you end up with something that looks like this below:īefore you download and run this script, you may not be on a Gnome-based Ubuntu-type distro. Right-click on the directory and select Network Share.Ĭheck off the Allow others to create and delete files in this folder box. Locate the directory in Nautilus (Files on Pop OS). This will once again assume Gnome for the sake of simplicity using Nautilus. I also recommend rebooting the client computer with which you will be accessing the remote shares.īack on the computer with the remote shares, we need to make them…shareable. So go ahead and restart then and then reboot. Instead, I prefer to spot any errors now vs. I like restarting the above services, not because it's going to help get sharing going per se. And even though your Samba shares are only available on your local network, it's best to keep things locked down on a fundamental level. This command will allow you to set up a strong password for your Samba shares. Step four - Lock the doors behind you with a strong password. Where $USER is, you can leave it as is, or to understand how the pieces go together, replace it with the results of your whoami command previously. Step three - Everyone wants to belong to the cool group. Now let's add your Linux user to the appropriate Linux group. That command won't help you figure out who you are as a person, but it will tell you your current username as your distro sees you. Sudo apt update & sudo apt install samba nautilus-shareĭid I lose you? Hopefully, those instructions weren't too complex. Step one - install your Samba bits (this assumes Ubuntu-based distros and Gnome). Understanding the risks and potential consequences of stranger-danger in your network shared directories, allow me to show you the simple steps to do the following: No one needs this in their life - not even the KFC Colonel himself. Without a username and password authorizing access to your Samba files, you might end up with a KFC breakdancer man putting his “finger lickin' good” phalanges all over your shared files. The above example is why it is important to know who is accessing your shared files. ![]() Thankfully he's just there to pass out coupons for new customers. There is some whackjob who is clearly "a few cards shy of a full deck" breakdancing on your porch with a KFC bucket on their head. You open the door a crack and are shocked to witness something I hope no one ever has to experience. ![]() You put down the dinner you've been nibbling at to see who is bothering you at this late hour! You yell to the person on the other side of the door, "Who is it?" No answer. You've got the house to yourself, and you'll finally binge-watch your favorite streaming series. You have your favorite food on a TV tray. Imagine you're all settled in for the night. So why is it still an issue on otherwise newbie-friendly Linux distros in 2022? Consider the following tale of woe… When prompted, use the password entered when adding the user to Samba.Like most desktop environments that offer GUI tools to get Samba working, Gnome forgets two simple steps - the user and the password. ![]() Try locally first, then from another machine on the network which also installed samba client. Try to access the shares (as a normal user) Iptables -A INPUT -p tcp -dport 445 -s 192.168.1.0/24 -m state -state NEW -j ACCEPT Iptables -A INPUT -p tcp -dport 139 -s 192.168.1.0/24 -m state -state NEW -j ACCEPT Iptables -A INPUT -p udp -dport 138 -s 192.168.1.0/24 -m state -state NEW -j ACCEPT To list existing Samba users: pdbedit -w -LĪllow access from machines in the local LAN: iptables -A INPUT -p udp -dport 137 -s 192.168.1.0/24 -m state -state NEW -j ACCEPT You will be prompted for a password for each of those users. Note that the users have to exist in /etc/passwd # smbpasswd -a me Samba uses it's own password system so users need to be added by root. To share files in some other path on the system, add another share definition such as: In that section you may enable read-write access to the home directories: read only = no Page cleanup/reorganization in progress below this point ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |