Q: Access File Share after badlock update
This is the situation.
I have a linux machine (debian) (rapberry pi) and want to connect to the SMB file share defined on an osx machine running the latest OSx (10.11.5) with the latest Server.app (5.1.5). The share are exposed using the server.app.
The debian machine use Smbclient version 4.2.10-Debian which includes the patch for the "badlock" vunerablities . ( CVE-2016-2118) . This client is unable to connect to the shares:
$ smbclient -L //osxserver/MediaContent -U USER
Enter USER's password:
ntlmssp_handle_neg_flags: Got challenge flags[0x22810205] - possible downgrade detected! missing_flags[0x00080010] - NT code 0x80090302
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
SPNEGO(ntlmssp) login failed: NT code 0x80090302
session setup failed: NT code 0x80090302
Running the same command with debug ( option -d10)
NTLMSSP_NEGOTIATE_128
ntlmssp_handle_neg_flags: Got challenge flags[0x22810205] - possible downgrade detected! missing_flags[0x00080010] - NT code 0x80090302
The "internet" thinks that the apple implementation of the smb protocol (smbx) might not be impacted by the badlock bug. But it definitely impacted by the fix rolled-out by the different clients.
Is this a known issue and is there a workaround ?
Thank for any help provided.
Posted on May 29, 2016 3:14 AM