Password Protected Samba Share

From FOG Project
Jump to: navigation, search

This article describes how to create a basic password protected Samba share on Linux, accessible by only one user. This share can be accessed via Windows, OSX, or Linux.

We'll be making a share called fogshare. It will be accessible via UNC paths in windows as \\x.x.x.x\fogshare where x.x.x.x is the server's IP address. The share will reside on disk at /images/fogshare The user defined with permissions and access is called smalluser

I've chosen to place the share in the /images directory because in an optimal fog partition layout, this directory typically has it's own partition and thus ample space. You may place the share wherever you like, simply by choosing another place to create the directory. Be sure to set permissions on the alternate directory and change the path setting in the Samba configuration file.

On CentOS 7, Fedora, RHEL, Ubuntu, and probably Debian, the process is almost identical.

Install Samba

For CentOS 7 and older, and Fedora 21 and older, install Samba:

yum install samba samba-client -y

For Fedora 22 and newer, and probably CentOS 8 and newer, install Samba:

dnf install samba samba-client -y

For Ubuntu and Debian, install Samba:

apt-get install samba samba-client -y

Start Samba

Start Samba on Fedora/CentOS/RHEL:

systemctl start smb

Start Samba on Ubuntu/Debian:

service smb start

Make the directory

Make the directory you want to share:

mkdir /images/fogshare

Create user and set password

Make a user specifically for it:

useradd smalluser

Set the user's password:

passwd smalluser

Add the user to Samba and set a password for the user, this should match the previous password:

smbpasswd -a smalluser

Set permissions

Set permissions on the local directory:

chown smalluser:smalluser /images/fogshare
chmod 770 /images/fogshare

Configure Samba

Setup the samba configuration script:

vi /etc/samba/smb.conf

Instructions on using Vi: vi

Below is the Samba configuration file. Things above [smallshare] are global and apply to all shares. Then below each bracket name, is settings specific to the share. Feel free to copy/paste.

security = user
passdb backend = tdbsam
unix charset = utf-8
dos charset = cp932

[fogshare]
path = /images/fogshare
read only = no
create mode = 0777
directory mode = 0777
writable = yes
valid users = smalluser

Restart Samba

Then restart Samba in Fedora/CentOS/RHEL:

systemctl restart smb

Restart Samba on Ubuntu/Debian:

service smb restart