Bug #40716

Updated by Cpu Roast about 2 years ago

To this day FreeNAS 11.1 U5 still allows SMB1 by default.

Because of the change to the UI, removing the Min/Max SMB version options, SMB1 is most likely enabled on the majority of FreeNAS systems out there.

Before the change, I had set a min of SMB2 and a max of SMB3, which is a sane default in this day and age.
After the change, it reverted my settings back to the FreeNAS defaults, which seems to be a min of SMB1 and a max of SMB3. I fixed that with an aux param of "min protocol = SMB2"

I propose that the setting be upgraded for security reasons to include "min protocol = SMB2" as a default.
If someone has to support legacy clients, they can set "min protocol = NT1" SMB1" in aux params themselves, at least until samba removes SMB1 support, which they may eventually do.

Supporting archaic versions of Windows and samba is something FreeNAS, at least by default, should no longer do.