Skip to content

3. Anonymous Samba Share.md

Latest commit

ย 

History

History
156 lines (117 loc) ยท 2.74 KB

3. Anonymous Samba Share.md

File metadata and controls

156 lines (117 loc) ยท 2.74 KB

Anonymous Samba Share

Setup Anonymous Samba Share on RHEL/CentOS

Anonymous or guest shares allow users to access shared directories without authentication. This setup is useful for public access within a trusted network.

Prepare Public Directory

Create a public directory with full access permissions:

mkdir /Public

Set open permissions for read, write, and execute access:

chmod 777 /Public/

Or recursively apply to all contents inside:

chmod -R 777 /Public/

Verify the directory exists and has correct permissions:

ls -lh / | grep Public

Set ownership to the nobody user and group:

chown -R nobody:nobody /Public/

Configure Samba for Anonymous Access

Edit the Samba configuration file:

nano /etc/samba/smb.conf

Append or modify the following share definition:

[Public]
path = /Public
writable = yes
guest ok = yes
guest only = yes
read only = no
create mode = 0777
directory mode = 0777
force user = nobody

This configuration:

  • Enables guest-only access
  • Allows full read/write/delete capabilities
  • Forces all operations as the nobody user

Restart Samba Service

Apply the configuration by restarting the Samba service:

systemctl restart smb.service

Test Anonymous Share Access

Check the list of available shares on the Samba server:

smbclient -L 192.168.112.145

Try accessing the public share anonymously:

smbclient //192.168.1.25/Public/

Explicitly use guest access with no credentials:

smbclient -L 192.168.112.145 -U "" -N

Or connect directly to the public share as a guest:

smbclient //192.168.112.145/Public -U "" -N

Another equivalent form:

smbclient -U "" //192.168.1.27/Public -N

Additional Sample Configuration

Here's an extended smb.conf snippet with additional shares:

Create Directories:

mkdir /opt/data
mkdir /backup

Edit Configuration File:

nano /etc/samba/smb.conf
[data]
comment = Data
path = /opt/data
writable = yes

[backup]
comment = Server Backup
path = /backup
writable = yes
valid users = smb-user1, armour

[Public]
path = /Public
writable = yes
guest ok = yes
guest only = yes
read only = no
create mode = 0777
directory mode = 0777
force user = nobody

Make sure the directories /opt/data and /backup exist with proper ownership and permissions for listed users.

Restart Samba after changes:

systemctl restart smb.service

Security Note

Anonymous shares should only be used in trusted networks.
Avoid enabling guest access on internet-facing systems or in environments where data sensitivity is a concern.
โšก