Password promt and error when mounting your Samba shares from fstab? Here is why

Problem:

A couple of days ago my Linux system (Manjaro Linux) suddenly refused to mount any of my Samba shares set in the /etc/fstab file. Every time I tried to mount them manually, I’d get a prompt for my password, followed by a mount error 22, also known as “invalid argument”. My share mounts looked like this:

//192.168.1.22/Nas_Files /media/NAS cifs noauto,users,username=thane,passwd=mypassword 0 0

(NOTE: If there are multiple people using your machine, a credentials file is more elgeant and secure than directly entering the password into the fstab file. If you are already using a credentials file, this problem should not be affecting you)

After logging in, these would then be mounted by a script running the command

mount /media/NAS

and I would end up with a perfectly functioning Samba share.

Now, it seems like a recent update changed the mount parameters and removed passwd as a valid parameter. This means that when cifs starts up, it can’t find the password and hence asks the user, before exiting anyways because there is an invalid option (“passwd”) in the fstab.

Solution:

While you are repairing your mountpoints, you might as well put the credentials in a credentials file, instead of in fstab. This will make it harder for people to grab your password from your system, as they can’t just open up /etc/fstab (which contains your password in cleartext) anymore. The easiest way to go about this is as follows:

  1. Create a credentials file in your home folder (any folder that is owned by you will do, but the home directory is the most common place).

    touch ~/.smbcredentials

  2. Open the file with your favorite text editor (eg. nano,vim) and add your username, password and domain (optional) to the file. Then save and quit.

    nano ~/.smbcredentials
    ——————————
    username=thane
    password=mypassword
    domain=mydomain

  3. Set the permissions of the file to restrict access for other users. This will make the file unreadable for any user other than yourself

    chmod 600 ~/.smbcredentials

Alternatively, you can change the passwd parameter to password. This is ok if you are on a single-user system, but I would not recommend it in any other situation.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s