SMB/CIFS share to Proxmox host from NAS - lots of failed authentication attempts

R

rslippers

New Member
Oct 19, 2024
4
0
1
Hi all,

A bit of background on this...

Recently migrated my NAS from TrueNAS Core to TN Scale, this is VM running on the host.
Since then, I published a CIFS share from TN Scale, back to my host. This worked fine, and I could place my ISOs on that share, read from it.
I then ran into an unrelated issue with Scale where I needed to reinstall. Before I uninstalled and removed the server, I removed the CIFS share from the GUI in PVE. All fine and dandy.

Since the rebuild, my syslog is filled with this message, every 1 second or so:
Bash: 
Oct 19 12:20:03 roma kernel: CIFS: VFS: \\nas.example.com Send error in SessSetup = -13
Oct 19 12:20:05 roma kernel: CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE

Now, in principle, I know why this is. PVE is trying to auth with TrueNAS (which has the same IP as the previous rendition(s)). The headscratcher -- I removed the share before I killed the NAS.

In the Audit logs in TrueNAS I can see that the PVE host is trying to auth using a username that TrueNAS doesn't know (again, due to the reinstall).

I have tried the following to stop PVE from authing to TrueNAS at all:
Bash: 
umount -a -t cifs -f
umount -l iso_store
umount /mnt/pve/iso_store

I've checked if there are 'residuals' in /etc/pve/storage.cfg, /etc/systemd/system, crontab.
I've attempted to find the cifsd, to restart this. I can find the PID, but cannot kill it.

Using:
Bash: 
ss -atp | grep 192.168.0.3

Returns:
Bash: 
ESTAB  0      0               192.168.0.9:60252             192.168.0.3:microsoft-ds

I'm trying to not just reboot my PVE host because I believe this not to be a good way to 'solve' the problem. Even ChatGPT cannot help me!...

I've just re-created the authoring account on TN, which has stopped the logs... This still isnt really a solution, because this makes me think that the host has some phantom cifs share lingering...
 
Hi, yes storage was removed from the host...

The problem wasn't that the GUI was/wasn't showing the storage, it was that the Host was continuously (and with great speed) trying to authenticate with a share that a) didn't exist and b) the storage provider didn't have a user account for.

There is no method for me to stop that happening. I just couldn't not authenticate with this non-existant user account.
 
I have an update on this, apparently the same type of problem is happening with iSCSI authentication.
When removing iSCSI storage from the host, apparently it'll just... continue trying to login to the iSCSI portal...
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom