Auth failure from Windows client

[llamafilm]

When I try to login from Windows 10 client, it takes a long time (10 seconds) before asking for the password, and then after I enter the password it takes another 10 seconds before saying it's wrong.

C:\Users\Admin>net use K: \\10.49.54.93\ksmbd /USER:tester
Enter the password for 'tester' to connect to '10.49.54.93':
The password is invalid for \\10.49.54.93\ksmbd.

I can mount it successfully from linux using the same credentials with smbclient.

Here's the debug log during one attempted login:

kernel: [ 2287.413026] ksmbd: connect success: accepted new connection
kernel: [ 2287.413218] ksmbd: RFC1002 header 69 bytes
kernel: [ 2287.413240] ksmbd: client requested dialect NT LM 0.12
kernel: [ 2287.413243] ksmbd: client requested dialect SMB 2.002
kernel: [ 2287.413245] ksmbd: client requested dialect SMB 2.???
kernel: [ 2287.413246] ksmbd: selected SMB 2.??? dialect
kernel: [ 2287.413248] ksmbd: conn->dialect 0x2ff
kernel: [ 2287.413249] ksmbd: Downgrade to SMB1 negotiation
kernel: [ 2287.413251] ksmbd: conn->dialect 0x2ff
kernel: [ 2287.413254] ksmbd: Upgrade to SMB2 negotiation
kernel: [ 2287.413255] ksmbd: credits: requested[1] granted[1] total_granted[1]
kernel: [ 2287.413407] ksmbd: RFC1002 header 230 bytes
kernel: [ 2287.413423] ksmbd: no length check for command
kernel: [ 2287.413425] ksmbd: SMB2 data length 0 offset 0
kernel: [ 2287.413426] ksmbd: SMB2 len 100
kernel: [ 2287.413428] ksmbd: cli req padded more than expected. Length 230 not 100 for cmd:0 mid:1
kernel: [ 2287.413431] ksmbd: client requested dialect 0x311
kernel: [ 2287.413433] ksmbd: selected SMB 3.1.1 dialect
kernel: [ 2287.413435] ksmbd: conn->dialect 0x311
kernel: [ 2287.413436] ksmbd: Received negotiate request
kernel: [ 2287.413437] ksmbd: decoding 4 negotiate contexts
kernel: [ 2287.413439] ksmbd: deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context
kernel: [ 2287.413440] ksmbd: deassemble SMB2_ENCRYPTION_CAPABILITIES context
kernel: [ 2287.413441] ksmbd: deassemble SMB2_COMPRESSION_CAPABILITIES context
kernel: [ 2287.413442] ksmbd: deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context
kernel: [ 2287.413450] ksmbd: assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context
kernel: [ 2287.413455] ksmbd: negotiate context offset 224, count 1
kernel: [ 2287.413457] ksmbd: credits: requested[1] granted[1] total_granted[1]
kernel: [ 2287.414152] ksmbd: RFC1002 header 162 bytes
kernel: [ 2287.414169] ksmbd: SMB2 data length 74 offset 88
kernel: [ 2287.414172] ksmbd: SMB2 len 162
kernel: [ 2287.414174] ksmbd: Received request for session setup
kernel: [ 2287.414191] ksmbd: negotiate phase
kernel: [ 2287.414198] ksmbd: NTLMSSP SecurityBufferLength 188
kernel: [ 2287.414201] ksmbd: credits: requested[33] granted[33] total_granted[33]
kernel: [ 2287.414542] ksmbd: RFC1002 header 284 bytes
kernel: [ 2287.414551] ksmbd: SMB2 data length 196 offset 88
kernel: [ 2287.414553] ksmbd: SMB2 len 284
kernel: [ 2287.414554] ksmbd: Received request for session setup
kernel: [ 2287.414559] ksmbd: authenticate phase
kernel: [ 2287.414562] ksmbd: session setup request for user tester
kernel: [ 2287.414845] ksmbd: decode_ntlmssp_authenticate_blob dname
kernel: [ 2287.414860] ksmbd: authentication failed
kernel: [ 2287.414869] ksmbd: Failed to process 1 [-1]
kernel: [ 2287.414870] ksmbd: credits: requested[1] granted[1] total_granted[33]
kernel: [ 2305.717236] ksmbd: connect success: accepted new connection
kernel: [ 2305.717426] ksmbd: RFC1002 header 69 bytes
kernel: [ 2305.717448] ksmbd: client requested dialect NT LM 0.12
kernel: [ 2305.717451] ksmbd: client requested dialect SMB 2.002
kernel: [ 2305.717452] ksmbd: client requested dialect SMB 2.???
kernel: [ 2305.717454] ksmbd: selected SMB 2.??? dialect
kernel: [ 2305.717455] ksmbd: conn->dialect 0x2ff
kernel: [ 2305.717457] ksmbd: Downgrade to SMB1 negotiation
kernel: [ 2305.717458] ksmbd: conn->dialect 0x2ff
kernel: [ 2305.717461] ksmbd: Upgrade to SMB2 negotiation
kernel: [ 2305.717462] ksmbd: credits: requested[1] granted[1] total_granted[1]
kernel: [ 2305.717608] ksmbd: RFC1002 header 230 bytes
kernel: [ 2305.717624] ksmbd: no length check for command
kernel: [ 2305.717626] ksmbd: SMB2 data length 0 offset 0
kernel: [ 2305.717628] ksmbd: SMB2 len 100
kernel: [ 2305.717629] ksmbd: cli req padded more than expected. Length 230 not 100 for cmd:0 mid:1
kernel: [ 2305.717633] ksmbd: client requested dialect 0x311
kernel: [ 2305.717635] ksmbd: selected SMB 3.1.1 dialect
kernel: [ 2305.717637] ksmbd: conn->dialect 0x311
kernel: [ 2305.717638] ksmbd: Received negotiate request
kernel: [ 2305.717640] ksmbd: decoding 4 negotiate contexts
kernel: [ 2305.717642] ksmbd: deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context
kernel: [ 2305.717643] ksmbd: deassemble SMB2_ENCRYPTION_CAPABILITIES context
kernel: [ 2305.717644] ksmbd: deassemble SMB2_COMPRESSION_CAPABILITIES context
kernel: [ 2305.717645] ksmbd: deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context
kernel: [ 2305.717654] ksmbd: assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context
kernel: [ 2305.717659] ksmbd: negotiate context offset 224, count 1
kernel: [ 2305.717661] ksmbd: credits: requested[1] granted[1] total_granted[1]
kernel: [ 2305.718379] ksmbd: RFC1002 header 162 bytes
kernel: [ 2305.718396] ksmbd: SMB2 data length 74 offset 88
kernel: [ 2305.718399] ksmbd: SMB2 len 162
kernel: [ 2305.718401] ksmbd: Received request for session setup
kernel: [ 2305.718418] ksmbd: negotiate phase
kernel: [ 2305.718424] ksmbd: NTLMSSP SecurityBufferLength 188
kernel: [ 2305.718427] ksmbd: credits: requested[33] granted[33] total_granted[33]
kernel: [ 2305.718751] ksmbd: RFC1002 header 306 bytes
kernel: [ 2305.718760] ksmbd: SMB2 data length 218 offset 88
kernel: [ 2305.718762] ksmbd: SMB2 len 306
kernel: [ 2305.718763] ksmbd: Received request for session setup
kernel: [ 2305.718769] ksmbd: authenticate phase
kernel: [ 2305.718773] ksmbd: session setup request for user tester
kernel: [ 2305.719011] ksmbd: decode_ntlmssp_authenticate_blob dname10.49.54.93
kernel: [ 2305.719025] ksmbd: authentication failed
kernel: [ 2305.719032] ksmbd: Failed to process 1 [-1]
kernel: [ 2305.719033] ksmbd: credits: requested[1] granted[1] total_granted[33]
kernel: [ 2318.213373] ksmbd: RFC1002 header 68 bytes
kernel: [ 2318.213396] ksmbd: SMB2 len 68
kernel: [ 2318.213399] ksmbd: credits: requested[1] granted[1] total_granted[8192]

I'm using version 3.4.5 and I created the user with ksmbd.adduser -a tester.

[namjaejeon]

Regarding the 10-second delay, have you entered the wrong password more than 10 times? In order to avoid dictionary attacks, ksmbd give a delay for 5 seconds if the password is wrong 10 times in a row.

kernel: [ 2305.719025] ksmbd: authentication failed

"authentication failed" message is coming when an incorrect password from client is sent to ksmbd. Have you ever changed the password for testuser? If you create testuser2 and login from windows, Let me know if you still get same issue.

[llamafilm]

I'm sure I was using the right password because it worked fine from linux and Mac clients. Today this is working again. There is still a long delay before asking for password, and another delay after I enter the password. Is there a way to reset the 5 second delay period?

[namjaejeon]

Is there a way to reset the 5 second delay period?

1. If you kill ksmbd.mountd and restart ksmbd,
2. If login is successful with right password
   It will be reset.

Can you send packet dump file captured on problem situation ?

[llamafilm]

Today the behavior is different. Now mounting with net use works right away. But mounting via Windows Explorer still takes a long time, over 1 minute. Here's a pcap of the mounting with Explorer.
Also, today smbclient running on the server fails with this error:

$ smbclient -L //10.49.54.93 -U tester3
Password for [WORKGROUP\tester3]:
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

I'm also attaching a pcap of that using loopback interface. In both cases I see a lot of STATUS_BAD_NETWORK_NAME about the IPC$ share.
pcaps.zip