SMB configuration
Samba configuration is described on Samba - ArchWiki. This is config i sometimes use.
Linux server
# pacman -S samba
$ sudo mkdir -p /srv/smb/private
$ sudo chown "$USER" /srv/smb/private
/etc/samba/smb.conf
[global]
workgroup = WORKGROUP
server string = local samba
server role = standalone server
# log to systemd
logging = systemd
# disable netbios
dns proxy = no
disable netbios = yes
# explicitly no follow symlinks
follow symlinks = no
# force highest smb version possible (windows 10 and higher)
server min protocol = SMB3_11
# disable obsolete LanMan authentication
lanman auth = no
ntlm auth = yes
client lanman auth = no
# disable browsing of $IPC
restrict anonymous = 2
# disallow unauthenticated user to browse shares
usershare allow guests = no
# no anonymous user available
map to guest = never
# do not load printers
load printers = no
printing = bsd
# do not show printers
printcap name = /dev/null
# no ability so receive printer drivers in add printer menu on windows
disable spoolss = yes
[private]
comment = private share
path = /srv/smb/private
writable = yes
printable = no
Aditionally ip range can also be restricted
[global]
...
# allow only local ip range
hosts allow = 192.168.1.0/24
...
Test samba config
testparm
Create samba password for your username
$ sudo smbpasswd -a $USER
List users
$ sudo pdbedit -L -v
After config change smb must be restarted
# systemctl restart smb.service nmb.service
Enable smb on system start
# systemctl enable smb.service nmb.service
Firewall
Remember to put samba behind strict firewall