Re: Best way to serve files to Windows?
On Wed, 25 Jul 2018 23:20:47 -0400 > sshfs > > This is the Windows client which works well for my lab members who > like to use Windows. > > https://www.nsoftware.com/netdrive/sftp/ Not sure if explorer integration is planned by Microsoft but if you want speed in place of convenience then the OpenSSH native command line tools introduced in Windows 1803 are the fastest. Much faster than winscp and significantly faster than Windows subsystem for linux versions, atleast on a client with AES-NI and server without.
Re: Best way to serve files to Windows?
John Long writes: > Hi, > > I have minidlna working fine on OpenBSD. However this doens't help with > Roon media software since they don't have anything for OpenBSD, > unsurprisingly. Roon doesn't want to support dlna. > > I have my Windows foobar2000 appliance roped-off from my LAN because I > don't trust Windows boxes on my network. So I would like to set up some > way to serve the files to Windows from OpenBSD. I guess that is > CIFS/SAMBA? > > Is this secure over the network? I have not done this before and I > don't know what's involved. Is there an approved CIFS implementation to > use? > > Thanks, > > /jl sshfs This is the Windows client which works well for my lab members who like to use Windows. https://www.nsoftware.com/netdrive/sftp/
Re: Best way to serve files to Windows?
Hey guys. Just wanted to let you know about the security aspect. Anything on SMB is passed completely in the clear. You can actually use Wireshark to carve files directly out of PCAP that have SMB traffic. On Wed, Jul 25, 2018 at 1:56 PM Adam Thompson wrote: > On 2018-07-18 09:35, Tom Smyth wrote: > > Hi John, > > You would need microsoft services for unix (SFU) for NFS connectivity > > FYI - so no-one goes haring off in the wrong direction. > > SFU is the server-side component, equivalent to running nfsd(8). > > On the client side, only certain editions of Windows can speak NFS: > - Windows 10 *Enterprise* can mount remote NFS shares. > - Windows 7 *Ultimate* can mount remote NFS shares. > (No idea about Win8, sorry.) > > Win10Ent, at least, has flexible authentication options, but IIRC > defaults to uid=0/gid=0 (gee, thanks). It prefers to use Kerberos > security, which won't work with OpenBSD's NFS server. It's possible to > make this work reasonably well, but it takes a fair bit of time. > > So, as everyone else said, you're better off running Samba on your > OpenBSD system. Have fun. > -Adam > >
Re: Best way to serve files to Windows?
On 2018-07-18 09:35, Tom Smyth wrote: Hi John, You would need microsoft services for unix (SFU) for NFS connectivity FYI - so no-one goes haring off in the wrong direction. SFU is the server-side component, equivalent to running nfsd(8). On the client side, only certain editions of Windows can speak NFS: - Windows 10 *Enterprise* can mount remote NFS shares. - Windows 7 *Ultimate* can mount remote NFS shares. (No idea about Win8, sorry.) Win10Ent, at least, has flexible authentication options, but IIRC defaults to uid=0/gid=0 (gee, thanks). It prefers to use Kerberos security, which won't work with OpenBSD's NFS server. It's possible to make this work reasonably well, but it takes a fair bit of time. So, as everyone else said, you're better off running Samba on your OpenBSD system. Have fun. -Adam
Re: Best way to serve files to Windows?
codeb...@inbox.lv (John Long), 2018.07.18 (Wed) 13:51 (CEST): > I have minidlna working fine on OpenBSD. However this doens't help with > Roon media software since they don't have anything for OpenBSD, > unsurprisingly. Roon doesn't want to support dlna. What network access is officially supported? I've seen a RPi based media player that supported sftp. That would be an easy and secure way. chrooted user, sftp access. > I have my Windows foobar2000 appliance roped-off from my LAN because I > don't trust Windows boxes on my network. So I would like to set up some I see Roon downloads for windows, android, macos, ios. What is your Roon running on? Just saying... > way to serve the files to Windows from OpenBSD. I guess that is > CIFS/SAMBA? If your Roon machine formerly accessed the windows server then it was SMB/CIFS, almost for sure. > Is this secure over the network? I have not done this before and I > don't know what's involved. Is there an approved CIFS implementation to > use? There's only samba. Isn't the Roon box the weakest point? Marcus
Re: Best way to serve files to Windows?
I have Samba/OpenBSD server at university's labs (VLANs, ~100 workstations[win7, win10], ~1k users). There are few readonly shares that are automatically mounted at windows' startup. Users can mount/umount their /homes by "net use..." script (user/pass). They can also access their files over the internet via SFTP. It just works fine, since ~2011. On Wed, 18 Jul 2018 15:22:59 +0200 Solene Rapenne wrote: > > John Long writes: > > > Hi, > > > > I have minidlna working fine on OpenBSD. However this doens't help with > > Roon media software since they don't have anything for OpenBSD, > > unsurprisingly. Roon doesn't want to support dlna. > > > > I have my Windows foobar2000 appliance roped-off from my LAN because I > > don't trust Windows boxes on my network. So I would like to set up some > > way to serve the files to Windows from OpenBSD. I guess that is > > CIFS/SAMBA? > > > > Is this secure over the network? I have not done this before and I > > don't know what's involved. Is there an approved CIFS implementation to > > use? > > > > Thanks, > > > > /jl > > Hello, > > I would recommend samba. You can also try using NFS, I've heard that > windows can mount NFS shares. > > About the security thing, I don't know if the protocol used by samba is > secure between clients, but you can still run a VPN between your openbsd > box and the Windows client to allow connecting to the samba share > securely. > > regards > -- radek
[Now OT] Re: Best way to serve files to Windows?
On Wed, 2018-07-18 at 16:57 +0100, Tom Smyth wrote: > Hi John, > > I would just follow the SAMBA documentation in setting up the share, > /shared folders, > > then on the windows clients you may have to tweak the security > settings > in the local security policy manager, (but windows out of the box > for domestic > settings) if your windows boxes are controlled by a Windows > Domain then you may need to talk to the windows admin to relax / > enhance > authentication settings and SMB signing settings in the group policy > ) > but a typical windows setup > should just ask you for a username and password to connect to the > setup > samba share > Thanks Tom. It's my box and I'm the incompetent sysadmin, so no worries other than those self-inflicted ;) I got spoiled years ago by ssh and RSA authentication and I don't like the idea of username/password in general.. but the traffic doesn't go to the outside world in my setup so I guess it is ok. > keep it simple for now > the eventlog (system event log) with the following > windows command > eventvwr > will spew errors if there are a mismatches in your security settings > and you will get hints by looking up errors as you see them, Thanks, this is good info! Not sure if I'll keep Roon or not. It has some nice features but it is still pretty rough on things I would have thought it should handle. /jl
Re: Best way to serve files to Windows?
Hi John, I would just follow the SAMBA documentation in setting up the share, /shared folders, then on the windows clients you may have to tweak the security settings in the local security policy manager, (but windows out of the box for domestic settings) if your windows boxes are controlled by a Windows Domain then you may need to talk to the windows admin to relax / enhance authentication settings and SMB signing settings in the group policy ) but a typical windows setup should just ask you for a username and password to connect to the setup samba share keep it simple for now the eventlog (system event log) with the following windows command eventvwr will spew errors if there are a mismatches in your security settings and you will get hints by looking up errors as you see them, I hope this helps Tom Smyth On 18 July 2018 at 16:29, John Long wrote: > @tom @solene > > Thanks guys. I'll look into Samba. I hope it won't turn out to be a > typical Windows nightmare. > > Are there any reliable setup guides on the net? > > I will basically want to just make a couple of directory trees > available read-only. > > Thanks, > > /jl > >
Re: Best way to serve files to Windows?
@tom @solene Thanks guys. I'll look into Samba. I hope it won't turn out to be a typical Windows nightmare. Are there any reliable setup guides on the net? I will basically want to just make a couple of directory trees available read-only. Thanks, /jl
Re: Best way to serve files to Windows?
Hi John, You would need microsoft services for unix (SFU) for NFS connectivity I would try SAMBA first, if it was my choice, be aware that you may have to change some SMB Signing and NTLM Authentication setings in local policies / security policy/ Security options/ in microsoft gpedit.msc tool or secpol.msc to get them talking to SAMBA. Thanks On 18 July 2018 at 14:22, Solene Rapenne wrote: > > John Long writes: > > > Hi, > > > > I have minidlna working fine on OpenBSD. However this doens't help with > > Roon media software since they don't have anything for OpenBSD, > > unsurprisingly. Roon doesn't want to support dlna. > > > > I have my Windows foobar2000 appliance roped-off from my LAN because I > > don't trust Windows boxes on my network. So I would like to set up some > > way to serve the files to Windows from OpenBSD. I guess that is > > CIFS/SAMBA? > > > > Is this secure over the network? I have not done this before and I > > don't know what's involved. Is there an approved CIFS implementation to > > use? > > > > Thanks, > > > > /jl > > Hello, > > I would recommend samba. You can also try using NFS, I've heard that > windows can mount NFS shares. > > About the security thing, I don't know if the protocol used by samba is > secure between clients, but you can still run a VPN between your openbsd > box and the Windows client to allow connecting to the samba share > securely. > > regards > > -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 The information contained in this E-mail is intended only for the confidential use of the named recipient. If the reader of this message is not the intended recipient or the person responsible for delivering it to the recipient, you are hereby notified that you have received this communication in error and that any review, dissemination or copying of this communication is strictly prohibited. If you have received this in error, please notify the sender immediately by telephone at the number above and erase the message You are requested to carry out your own virus check before opening any attachment.
Re: Best way to serve files to Windows?
John Long writes: > Hi, > > I have minidlna working fine on OpenBSD. However this doens't help with > Roon media software since they don't have anything for OpenBSD, > unsurprisingly. Roon doesn't want to support dlna. > > I have my Windows foobar2000 appliance roped-off from my LAN because I > don't trust Windows boxes on my network. So I would like to set up some > way to serve the files to Windows from OpenBSD. I guess that is > CIFS/SAMBA? > > Is this secure over the network? I have not done this before and I > don't know what's involved. Is there an approved CIFS implementation to > use? > > Thanks, > > /jl Hello, I would recommend samba. You can also try using NFS, I've heard that windows can mount NFS shares. About the security thing, I don't know if the protocol used by samba is secure between clients, but you can still run a VPN between your openbsd box and the Windows client to allow connecting to the samba share securely. regards
Best way to serve files to Windows?
Hi, I have minidlna working fine on OpenBSD. However this doens't help with Roon media software since they don't have anything for OpenBSD, unsurprisingly. Roon doesn't want to support dlna. I have my Windows foobar2000 appliance roped-off from my LAN because I don't trust Windows boxes on my network. So I would like to set up some way to serve the files to Windows from OpenBSD. I guess that is CIFS/SAMBA? Is this secure over the network? I have not done this before and I don't know what's involved. Is there an approved CIFS implementation to use? Thanks, /jl