Go to content Go to navigation Go to search

Tread lightly on the things of earth

Mike’s weblog about computing, politics, and faith (a progressive view)

Mounting Samba volumes in Mac OS X

Posted in Weblog (filed under radio)
—Mike @ Friday March 29, 2002

I wondered how to mount Windows- and Samba-served shares in Mac OS X without sending the password completely in the clear. I posted my useful (to me) findings on my wiki.

Clearly, I’m still trying to decide when to use a weblog, when to use a wiki.

<!— imported into MT from 2002 Radio entry via RE on 2003-12-10 —>

2005-06-15: Content of the now-offline wiki page:

2002-03-27: I wondered how to mount Windows- and Samba-served shares in MacOsX without sending the password completely in the clear.

I started down the road of finding the tunnel-smb-in-ssh syntax, as I already successfully tunnel all X, IMAP, and CVS traffic (either to keep password secure or transit firewalls). A Google search shows an ssh solution is likely.

But I stopped short of that because the following setup works very conveniently and at least doesn’t transmit the passwords in clear text. (And I don’t need to mount a Samba volume through a firewall so as to need ssh; scp and rsync are faster for those infrequent occasions.)

These details found in man mount_smbfs and /private/var/root/.nsmbrc (which I assume was part of the OSX install).

 ~/.nsmbrc: 

 # First, define a workgroup. 
 [default] 
 workgroup=WORKGROUP 

 #[MACHINE]                   the NetBIOS name of the Windows- 
 [PROD]                       or Samba-running Unix box 
 addr=192.168.1.250           box's IP address 
 [DEV] 
 addr=192.168.1.251

 #[MACHINE:USER] 
 # use persistent password cache for *user* 'mike' 
 # generate password with smbutil command 
 # (MWJ: 'smbutil -v crypt', then type literal share password at prompt) 
 [PROD:MIKE] 
 password=$$17xxxxxxxxxxxxx 
 [DEV:MIKE] 
 password=$$17xxxxxxxxxxxxx

Chmod ~/.nsmbrc to 0600.

Then both Finder and command-line mounts work:

Finder:
Command-K (Go/Connect to Server…)
Address: smb://dev/sharename (You still have to already know the exact sharename)
Connect.

Presto!

CL (command line):
mount_smbfs //dev/sharename /mnt/dev/sharename

where /mnt/dev/sharename is a mountpoint you’ve made with mkdir and chown to you. (Permissions of mounted directory’s contents appear to be inherited from mountpoint directory permissions.)