Samba

SWAT and SSL

Lots of people have asked about how to setup SWAT with SSL to allow for secure remote administration of Samba. Here is a method that works, courtesy of Markus Krieger

My modifications to the swat setup are as following:

  • install OpenSSL
  • generate certificate and private key
    root# /usr/bin/openssl req -new -x509 -days 365 -nodes -config /usr/share/doc/packages/stunnel/stunnel.cnf -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
  • remove swat-entry from [x]inetd
  • start stunnel
    root# stunnel -p /etc/stunnel/stunnel.pem -d 901 -l /usr/local/samba/bin/swat swat
afterwards i simply contact swat by using the URL "https://myhost:901", accept the certificate and the SSL connection is up

Sources:
stunnel: http://www.stunnel.org/
openssl: http://www.openssl.org/

Donations


Nowadays, the Samba Team needs a dollar instead of pizza ;-)

Beyond Samba

Commercial Support

Global · By Country

Conferences

sambaXP by SerNet

SDC by SNIA

Releases

Current stable release

Samba 4.20.0 (gzipped)
Release Notes · Signature

Release History

Versions & Notes

Maintenance

Patches · Security Updates · GPG Key

Future

Release Planning · Roadmap