* [PATCH] manpage: document sec=ntlmssp(i) and clean up discussion of signing (try #2)
@ 2011-09-23 15:17 Jeff Layton
[not found] ` <1316791051-5057-1-git-send-email-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
0 siblings, 1 reply; 2+ messages in thread
From: Jeff Layton @ 2011-09-23 15:17 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: shirishpargaonkar-Re5JQEeQqe8AvxtiuMwx3w
This version incorporates Shirish's comments about consistency and wording.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
mount.cifs.8 | 30 ++++++++++++++++++++++++++----
1 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/mount.cifs.8 b/mount.cifs.8
index 64a8b64..81ebdbe 100644
--- a/mount.cifs.8
+++ b/mount.cifs.8
@@ -326,7 +326,7 @@ krb5 Use Kerberos version 5 authentication
.sp -1
.IP \(bu 2.3
.\}
-krb5i Use Kerberos authentication and packet signing
+krb5i Use Kerberos authentication and forcibly enable packet signing
.RE
.sp
.RS 4
@@ -348,7 +348,7 @@ ntlm Use NTLM password hashing (default)
.sp -1
.IP \(bu 2.3
.\}
-ntlmi Use NTLM password hashing with signing (if /proc/fs/cifs/PacketSigningEnabled on or if server requires signing also can be the default)
+ntlmi Use NTLM password hashing and force packet signing
.RE
.sp
.RS 4
@@ -370,10 +370,32 @@ ntlmv2 Use NTLMv2 password hashing
.sp -1
.IP \(bu 2.3
.\}
-ntlmv2i Use NTLMv2 password hashing with packet signing
+ntlmv2i Use NTLMv2 password hashing and force packet signing
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+ntlmssp Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message
+.RE
.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+ntlmsspi Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
.RE
-[NB This [sec parameter] is under development and expected to be available in cifs kernel module 1\&.40 and later]
+.sp
+If the server requires signing during protocol negotiation, then it may be enabled automatically. Packet signing may also be enabled automatically if it's enabled in /proc/fs/cifs/SecurityFlags.
.RE
.PP
nobrl
--
1.7.6.2
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] manpage: document sec=ntlmssp(i) and clean up discussion of signing (try #2)
[not found] ` <1316791051-5057-1-git-send-email-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
@ 2011-09-23 15:21 ` Shirish Pargaonkar
0 siblings, 0 replies; 2+ messages in thread
From: Shirish Pargaonkar @ 2011-09-23 15:21 UTC (permalink / raw)
To: Jeff Layton; +Cc: linux-cifs-u79uwXL29TY76Z2rM5mHXA
On Fri, Sep 23, 2011 at 10:17 AM, Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org> wrote:
> This version incorporates Shirish's comments about consistency and wording.
>
> Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
> ---
> mount.cifs.8 | 30 ++++++++++++++++++++++++++----
> 1 files changed, 26 insertions(+), 4 deletions(-)
>
> diff --git a/mount.cifs.8 b/mount.cifs.8
> index 64a8b64..81ebdbe 100644
> --- a/mount.cifs.8
> +++ b/mount.cifs.8
> @@ -326,7 +326,7 @@ krb5 Use Kerberos version 5 authentication
> .sp -1
> .IP \(bu 2.3
> .\}
> -krb5i Use Kerberos authentication and packet signing
> +krb5i Use Kerberos authentication and forcibly enable packet signing
> .RE
> .sp
> .RS 4
> @@ -348,7 +348,7 @@ ntlm Use NTLM password hashing (default)
> .sp -1
> .IP \(bu 2.3
> .\}
> -ntlmi Use NTLM password hashing with signing (if /proc/fs/cifs/PacketSigningEnabled on or if server requires signing also can be the default)
> +ntlmi Use NTLM password hashing and force packet signing
> .RE
> .sp
> .RS 4
> @@ -370,10 +370,32 @@ ntlmv2 Use NTLMv2 password hashing
> .sp -1
> .IP \(bu 2.3
> .\}
> -ntlmv2i Use NTLMv2 password hashing with packet signing
> +ntlmv2i Use NTLMv2 password hashing and force packet signing
> +.RE
> +.sp
> +.RS 4
> +.ie n \{\
> +\h'-04'\(bu\h'+03'\c
> +.\}
> +.el \{\
> +.sp -1
> +.IP \(bu 2.3
> +.\}
> +ntlmssp Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message
> +.RE
> .sp
> +.RS 4
> +.ie n \{\
> +\h'-04'\(bu\h'+03'\c
> +.\}
> +.el \{\
> +.sp -1
> +.IP \(bu 2.3
> +.\}
> +ntlmsspi Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
> .RE
> -[NB This [sec parameter] is under development and expected to be available in cifs kernel module 1\&.40 and later]
> +.sp
> +If the server requires signing during protocol negotiation, then it may be enabled automatically. Packet signing may also be enabled automatically if it's enabled in /proc/fs/cifs/SecurityFlags.
> .RE
> .PP
> nobrl
> --
> 1.7.6.2
>
>
Looks correct to me.
Acked-by: Shirish Pargaonkar <shirishpargaonkar-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-09-23 15:21 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-09-23 15:17 [PATCH] manpage: document sec=ntlmssp(i) and clean up discussion of signing (try #2) Jeff Layton
[not found] ` <1316791051-5057-1-git-send-email-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
2011-09-23 15:21 ` Shirish Pargaonkar
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.