SMB file share on Ubuntu for the Lab

/ Instructional / By

Purpose:

Today’s lab will cover installation and setup of an SMB share on an Ubuntu machine. NFS is another option. For my home lab which uses both Windows and Linux machines, SMB is the best choice. For the longest time I would just set up a simple http server using a python module to transfer files (I still do). That was up until a few months ago when I thought why not set up a more permanent solution on all machines.

Lab material:

  • Samba installed on host
  • cifs-utils/smbclient installed on remote machine

Steps

1) Install Samba on host machine

This is one of the pre-requisites covered under Lab material. 

sudo apt-get install samba

2) Setup new user/password for Samba

This is going to be the username used to give access when connecting to the share. In order for the username to take it must first be a unix user. See note under step 5 for clarification.

3) Add share to smb.conf

First we must create a directory on host machine. 

sudo mkdir /mnt/LabShare

After creating the directory we then want to modify the smb.conf located in /etc/samba directory.

#LabShare
[LabShare]
path = /mnt/LabShare
valid users = cyberme
read only = no

After modifying we then want to restart the service 

sudo systemctl restart smbd

Once the service is restarted you will want to run the testparm command to check config file

At the very bottom you should see the share we had just created.

4) Firewall rules / Share permissions

If UFW is installed and enabled on the machine you will want to allow Samba

sudo ufw allow Samba
sudo ufw enable
sudo ufw status

After configuring the firewall we will want to change ownership of share to nobody/nogroup along with read/write/execute permissions for user/group/everyone else. This can vary from one lab to the next but for me personally I want all of my assigned users to have read/write.

Default
chmod/chown

5) Access share on remote machine using smbclient (Ubuntu)

Install smbclient and cifs-utils (used for mounting) on remote machine

sudo apt-get install smbclient && sudo apt-get install cifs-utils

NOTE: I just wanted to bring this up now, for whatever reason I have ran into a problem during the lab but never during initial setup months ago. When I created the username “cyberme” in step 2 it does not work when trying to login from any machine, Linux or Windows. I created a new user “jack” and it works great. With that in mind, if you try to create a new user using smbpasswd, that user must be a unix user first. 

sudo useradd -m jack
sudo smbpasswd -a jack

Since we are on the topic, you can verify users are created with samba by using 

sudo pdbedit -L -v

After creating the new user, make sure you edit the smb.conf file along with restarting smdb service

Before discussing mounting, I wanted to cover the smbclient method. This method can be used to temporarily access a share. The following command will list all shares setup on server

smbclient -L //192.168.1.17/ -U jack

Now that we verified share is on network and able to be viewed, lets try to access it using smbclient

smbclient //192.168.1.17/LabShare -U jack

6) Mount SMB share to access persistently

On the remote machine we only need to do two things. First we will create a credentials file. Followed by editing the fstab file. With modifying the fstab file we will be able to persistently mount the share giving access even after reboot.

Before we forget, lets make sure we create a directory for the share to be mounted on.

sudo mkdir /mount/LabShare

Next we will want to create the credentials file which will be used to access the drive. This can be created anywhere, for the lab I will create in home directory and hide file with .

touch ~/.smbcreds          #can be named anything as it will be used in fstab

Inside of this file we will want to have the username, password and domain all assigned a value

Now since we are storing credentials inside of a file it is a good idea to prevent unwarranted access by limiting permissions to the user only

sudo chmod 0600 ~/.smbcreds

The last step before mounting the share is to edit /etc/fstab and placing the following line at the end of the file. It is a good idea to use comments to label what it is you are mounting.

Mount it!

sudo mount -a

If all goes well, you may not see anything and when you open the folder you should see any files that you created on host.

Conclusion

I hope you were able to take something away on this lab. Using SMB protocol you can easily setup shares in your HomeLab to transfer files between machines. For this write up I am trying to play around with some of the markup tools provided by WordPress using code blocks. This may allow others to copy and paste if necessary, compared to the snippets I usually take.

My next instructional post will cover the steps necessary to install and configure a VPN in the lab, giving access when away on the road. Stay tuned and as always, Never Stop Learning!