docs-xml/smbdotconf/security/serversmbsigningalgos.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

<samba:parameter name="server smb3 signing algorithms"
                 context="G"
                 type="list"
                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
	<para>This parameter specifies the availability and order of
	signing algorithms which are available for negotiation in the SMB3_11 dialect.
	</para>
	<para>It is also possible to remove individual algorithms from the default list,
	by prefixing them with '-'. This can avoid having to specify a hardcoded list.
	</para>
	<para>Note: that the removal of AES-128-CMAC from the list will result
	in SMB3_00 and SMB3_02 being unavailable, and the removal of HMAC-SHA256
	will result in SMB2_02 and SMB2_10 being unavailable, as these are the default and only
	available algorithms for these dialects.
	</para>
</description>

<value type="default">AES-128-GMAC, AES-128-CMAC, HMAC-SHA256</value>
<value type="example">AES-128-CMAC, HMAC-SHA256</value>
<value type="example">-AES-128-CMAC</value>
</samba:parameter>