0

After installing Merlin 380.70 on my asus router I cannot mount my USB-connected smb shares via cifs. I keep getting varying mount errors: 6 & 22 are the most common. I've tried changing the smb version to 1.0, 2.0 and 3.0. Tried setting sec=ntlm. Nothing has worked so far. My mount goes like this:

sudo mount -t cifs //ip/share/ -o username=John,domain=WORKGROUP,sec=ntlm,vers=1.0 /mnt/share

Which shows no such device or address. I've tried ssh'ing to find my smb.conf file to find the full path but cannot find the file. I have a feeling the new firmware has a different naming convention for the share. Any ideas?

Improve this question

2 Answers 2

Reset to default
1

Okay, I googled the software you're running and found this on the README file at SourceForge:

  • CHANGED: Samba protocol support can now be set to SMBv1, SMBv2, or SMBv1 + SMBv2 (the new default). This will result in a performance drop on all models, but will be more secure. Ideally, people should change it to SMBv2 only, and then reboot all their client devices to start using only the new protocol. If performance is more important than security to you, then you can switch it back to SMBv1, which is the old default behaviour.

This tells me that the asuswrt-merlin device is probably using SMBv1 and somehow Samba v3.6 doesn't handle that well. To use SMB v1, you need to change the following settings right under workgroup= in smb.conf

ntlmssp_client:force_old_spnego = no ntlmssp_client:client_ntlmv2_auth = no client ntlmv2 auth = no client use spnego = no

You might also need this:

client plaintext auth = yes

But probably don't. I needed the above four lines were needed for Linux to connect to an OpenIndiana box via SMB. The lines that start with ntlmssp_client may not be needed but they were already in the file and multiple copies of these line don't hurt as long as they are the same. You can try to see if setting one or the other to yes works. It probably will work if you change the Asuswrt-merlin config to SMBv2, but I'm not positive.

Improve this answer
8
  • Netcatting the IP with ports 445 and 139 succeeded, and the command: smbclient -L //ipaddress -U user asks for a password which passes. I just need to find the actual path to the drive to mount it.
    – axxic3
    Commented Sep 14, 2018 at 16:52
  • What does smbclient -L //ipaddress show? The -L command should (at least on samba-4.6) show what shares are available.
    – Jason Mitchell
    Commented Sep 18, 2018 at 13:36
  • This might also be helpful: bugs.launchpad.net/ubuntu/+source/samba/+bug/1579540
    – Jason Mitchell
    Commented Sep 18, 2018 at 13:51
  • The smbclient command shows "Books (at ShareDrive) Disk ShareDrive's Books in Seagate Ultra Slim MT" then shows my samba version (3.6.25) and "server" as my routers model name.
    – axxic3
    Commented Sep 21, 2018 at 4:02
  • Some devices will require the following to be added to smb.conf. Note these are mutually exclusive, so you won't want all of them for every device. I don't know what you'd do if you needed to access devices that required different options. Maybe separate smb.conf files client use spnego = yes client plaintext auth = yes client ntlmv2 auth = yes
    – Jason Mitchell
    Commented Sep 23, 2018 at 19:57
0

This was the original answer. Basically, it's how to tell if a device is accessible using Microsoft's SMB/CIFS protocols:

I assume you're talking about USB devices hooked up to the ASUS router. The first step would be to make sure the correct tcp ports on still open on the ASUS router. The easiest way to test this would be to use telnet or netcat (nc).

For telnet it would be: 

telnet 192.168.1.1 139
telnet 192.168.1.1 445

(tcp ports 139 and 445 are the ones used for CIFS). Here's what you get if the port isn't open:

root@JarMini:~# telnet 192.168.1.1 139
Trying 192.168.1.1...
telnet: Unable to connect to remote host: Connection refused
root@JarMini:~#

This is what you'll get if the port is open.

root@JarMini:~# telnet 192.168.1.1 445
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
^]

telnet> close
Connection closed.

Note: You have to type Ctrl-] to "break out" of the telnet session if you get connected (or just hit enter a bunch of times and the SMB daemon will probably disconnect you). And apparently port 139 isn't necessary for "newer" versions of SMB. (My info on port 139 could be more than a bit dated.)

Netcat (nc) is a little simpler:

root@JarMini:~# nc -zv 192.168.1.1 445
Connection to 192.168.1.1 445 port [tcp/microsoft-ds] succeeded!
root@JarMini:~# nc -zv 192.168.1.1 139
nc: connect to 192.168.1.1 port 139 (tcp) failed: Connection refused

Unfortunately, there are several versions of Netcat. Ubuntu (and derivatives) use netcat-openbsd, which is what I used. Other linux systems may have different netcat's with different options. Thus telnet is safer if slightly messier.

The reason for this test is to tell whether the problem is SMB configuration or that the device simply isn't listening for SMB requests.

There could be potentially a problem with a network device in-between, but that seems unlikely.

In case you're interested the device I was testing above is a Mac, which I could connect to via CIFS from a Linux box.

TheTwilightZone jmitchel # uname -a
Linux TheTwilightZone 4.10.0-38-generic #42~16.04.1-Ubuntu SMP Tue Oct 10 16:30:51 UTC 2017 i686 i686 i686 GNU/Linux
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .