1CIFSCREDS(1)                                                      CIFSCREDS(1)
2
3
4

NAME

6       cifscreds - manage NTLM credentials in kernel keyring
7

SYNOPSIS

9       cifscreds add|clear|clearall|update [-u username] [-d] host|domain
10

DESCRIPTION

12       The  cifscreds program is a tool for managing credentials (username and
13       password) for the purpose of establishing sessions in multiuser mounts.
14
15       When a cifs filesystem is mounted with the "multiuser" option, and does
16       not use krb5 authentication, it needs to be able to get the credentials
17       for each user from somewhere. The cifscreds program is the tool used to
18       provide these credentials to the kernel.
19
20       The  first  non-option argument to cifscreds is a command (see the COM‐
21       MANDS section below). The second non-option argument is a  hostname  or
22       address, or an NT domain name.
23

COMMANDS

25       add
26          Add credentials to the kernel to be used for connecting to the given
27          server, or servers in the given domain.
28
29       clear
30          Clear credentials for a particular host or domain from the kernel.
31
32       clearall
33          Clear all cifs credentials from the kernel.
34
35       update
36          Update stored credentials in the kernel  with  a  new  username  and
37          password.
38

OPTIONS

40       -d, --domain
41          The provided host/domain argument is a NT domainname.
42
43          Ordinarily the second argument provided to cifscreds is treated as a
44          hostname or IP address. This option causes the cifscreds program  to
45          treat that argument as an NT domainname instead.
46
47          If  there  are not host specific credentials for the mounted server,
48          then the kernel will next look  for  a  set  of  domain  credentials
49          equivalent to the domain= option provided at mount time.
50
51       -u, --username
52          Ordinarily,  the  username  is derived from the unix username of the
53          user adding the credentials. This option allows the user to  substi‐
54          tute a different username.
55

NOTES

57       The  cifscreds  utility  requires  a  kernel built with support for the
58       login key type. That key type was added in v3.3 in mainline Linux  ker‐
59       nels.
60
61       Since  cifscreds  adds keys to the session keyring, it is highly recom‐
62       mended that one use pam_keyinit to ensure that  a  session  keyring  is
63       established at login time.
64

SEE ALSO

66       pam_keyinit(8)
67

AUTHORS

69       The  cifscreds  program  was  originally developed by Igor Druzhinin <‐
70       jaxbrigs@gmail.com>. This manpage and a redesign of the code  was  done
71       by Jeff Layton <jlayton@samba.org>.
72
73
74
75
76                                                                  CIFSCREDS(1)
Impressum