I don't have any details to add unfortunately. I'd assume following the Samba "upstream" project and developments (if any) on this topic is the best place for the Clonezilla maintainers/volunteers to focus on if there's any interest.
On Fri, Apr 19, 2024 at 10:09 PM Steven Shiau <ste...@narlabs.org.tw> wrote: > Hi James, > Thanks for your feedback. Actually we are not familiar with MS Windows. > Do you know any GNU/Linux docs that address the issue you mentioned? It > would be great if the samba doc is specially for Debian or Ubuntu. > > Regards, > Steven > > On 2024/4/7 22:18, James Epp wrote: > > Thought I'd throw this thought into the wild for anyone to pick up and > > run with. This doesn't directly affect me. > > > > In Clonezilla today (3.1.2-9) when setting up a connection to a SMB > > share for device-image mode, it prompts for a security mode (auto vs > > ntlm). > > > > What auto actually does under the hood is a bit unclear. At least in > > Microsoft land (and I'm not a good person to speak on Windows auth > > internals), you have three authentication methods - Negotiate, > > Kerberos, and NTLM. NTLM is then broken down into NTLM2 and NTLM1 > > (hopefully no one is using NTLM1 these days). Negotiate tries Kerberos > > first and fallsback to NTLM2 if Kerberos fails. > > > > Microsoft recently made announcements that they're going to try to > > phase out NTLM entirely from Windows. This could impact Clonezilla > > users who use Microsoft SMB shares. At some point in the future - by > > default - Kerberos may be the only method for authentication, and it's > > not clear if Clonezilla supports Kerberos for authentication today. > > > > Obviously this can turn into a rabbit hole quickly - new firewall > > requirements, time becomes significantly more important, etc etc. > > > > I'm not familiar at all with MIT KRB5 on GNU/Linux distros so as > > mentioned before, I am just throwing this out there for someone who's > > smarter than I to consider. > > > > > > _______________________________________________ > > Clonezilla-live mailing list > > Clonezilla-live@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live > > -- > Steven Shiau <steven _at_ stevenshiau org> > Public Key Server PGP Key ID: 4096R/163E3FB0 > Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 > > > > _______________________________________________ > Clonezilla-live mailing list > Clonezilla-live@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/clonezilla-live >
_______________________________________________ Clonezilla-live mailing list Clonezilla-live@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/clonezilla-live
