Answers to: secure automatic connection to MS-Windows file share (cifs)

Comment by daves dad on Ron's answer

daves dad — Tue, 17 Apr 2012 10:33:02 -0400

Usualy I use sshfs, but I need access to a windows cifs file share. We can not give access to everyone so authentication is necessary. I do not want the password stored on the laptop, as a lost laptop will allow access (even if root only readable). With sshfs I store the key encrypted with a passphrase. If I had a solution that needed root privileges I can wrap it in a set uid.

Answer by Seth Brown

Seth Brown — Tue, 17 Apr 2012 07:56:42 -0400

I could be wrong but I think the mount command ALWAYS requires root privileges to run.

The best you can do, is to make ~/Files/server-mount/credentials read-only by root and do not share the root password.

Comment by Ron on Ron's answer

Ron — Thu, 01 Mar 2012 17:40:01 -0500

What is your ultimate goal? Maybe you don't want to do a Windows fire share at all, maybe setting up an autossh is the way to do it using keys, or an SFTP deal, more info please.

Comment by daves dad on Ron's answer

daves dad — Thu, 01 Mar 2012 05:33:08 -0500

Yes fstab is a good idea (It does require root to set up, but you saw me use sudo above so know I can do this.). However the solution to stoping someone copying the key, is to remove the lock, is not going to help.

Answer by Ron

Ron — Wed, 29 Feb 2012 18:10:53 -0500

Without root privileges - Setup the share in fstab

Without storing password - Make the "Everyone" user available with full access in the advanced permissions (sharing) on Windows PC

Automatically on login - Setup the share in fstab