Introduction
SMB(Server Message Block)
The communication protocol is an agreement formulated by Microsoft and Intel in 1987. It is mainly used as a Microsoft
communication protocol for the network. It is one of the two poles of the network file system protocol in the world today.
Samba
It is SMB/CIFS(Server Message Block / Common Internet File System)
a re-implementation of the network protocol, which can share resources such as files and printers between different computers in the LAN, and has NFS
similar functions.
Why Choose samba
Protocol
Compared with NFS
the , FTP
, SMB
, WebDav
, DLNA
protocols, SMB
the protocol has the best compatibility and a wide range of support, 安卓/win/mac/linux
including native support for TVs and boxes from various manufacturers.
Provide end-to-end encryption, high security, rich configuration options, support ACL and support multiple user authentication modes
Install
The usual practice is to update the system first
apt update
apt upgrade
apt autoremove
bash
1. Install samba
apt install samba
bash
- The default service name is
nmbd
, restart example:systemctl restart nmbd
- The default configuration file is:
/etc/samba/smb.conf
2. Add samba
user
samba
The user and permission system used Linux
, but with its own authentication mechanism.
samba
The user must first be a Linux
user, otherwise the creation will fail.
2.1 Create a Linux user
useradd -s /bin/bash -m samba
bash
-m
home
: is to automatically create asamba
directory in the directory-M
: not tohome
automatically create the user'ssamba
directory in the directory.-s
: The specified user loginshell
2.2 Create a smb
user
smbpasswd -a samba
bash
Manually enter the password twice, and other parameters can be smbpasswd -h
checked by
-a
: New users
3. Configurationsmb.conf
在/etc/samba/smb.conf
配置文件的最后添加如下内容
[shared]
# 共享文件目录描述
comment = Shared Dirs
# 共享文件目录
path = /mnt/sdb1
# 设置共享是否允许guest账户访问
public = no
# 设置共享的管理员,如果 security =share 时,引项无效,多用户中间使用逗号隔开,例如admin users = samba,user1,user2
admin users = samba
# 设置共享是否可浏览,如果no就表示隐藏,需要通过IP+共享名称进行访问
browseable = yes
# 设置共享是否具有可写权限
writeable = yes
# 创建的文件权限为666
create mask = 0666
# 创建的目录权限为666
directory mask = 0666
# 设置共享是否具有只读权限
# read only = yes/no
# 设置允许访问共享的用户,例如valid users = user1,user2,@group1,@group2(多用户或组使用逗号隔开,@group表示group用户组)
# valid users = username
# 设置不允许访问共享的用户
# invalid users = username
# 设置在共享具有写入权限的用户,例如例如write list = user1,user2,@group1,@group2(多用户或组使用逗号隔开,@group表示group用户组)
# write list = username
bash
4. 重启
systemctl restart nmbd
bash
访问
window
: \\<ip>\shared
华为手机:文件管理 -> 浏览 -> 网上邻居 -> 添加设备
备注
1、 global
节点security
参数说明
[global]
#设置用户访问samba服务器的验证方式 ,一共四种验证方式。
# 1. share:用户访问Samba Server不需要提供用户名和口令, 安全性能较低。
# 2. user:Samba Server共享目录只能被授权的用户访问,由Samba Server负责检查账号和密码的正确性。账号和密码要在本Samba Server中建立。
# 3. server:依靠其他Windows NT/2000或Samba Server来验证用户的账号和密码,是一种代理验证。此种安全模式下,系统管理员可以把所有的Windows用户和口令集中到一个NT系统上,使用Windows NT进行Samba认证, 远程服务器可以自动认证全部用户和口令,如果认证失败,Samba将使用用户级安全模式作为替代的方式。
# 4. domain:域安全级别,使用主域控制器(PDC)来完成认证。
security = share
bash
2、 权限数字说明
- r -> 4: 可读
- w -> 2: 可写
- x -> 1: 可执行
- 0: 无权限
0666
: 表示 [文件类型][所有者][组成员][其他用户]的权限都是可读写
来源: debian11安装samba(smb)协议的网络共享
作者: Ababa
文章链接: https://itlangzi.com/s/JhnoN4.html
本文章著作权归作者所有, 任何形式的转载都请注明出处