Enhance your SMB file transfer security with Kerberos and AWS DataSync
Storage Blog
This article discusses how to enhance SMB file transfer security using Kerberos authentication with AWS DataSync, especially as Microsoft is deprecating NTLM authentication.
- DataSync now supports Kerberos authentication for SMB locations
- Kerberos provides enhanced security and mutual authentication without transmitting passwords
- The configuration requires creating a Service Principal Name, generating a keytab file, and configuring a Kerberos configuration file
- Key steps include: - Assigning a Service Principal Name - Creating a krb5.conf file - Configuring the DataSync SMB location with Kerberos
- Prerequisites include network connectivity, DNS resolution, and time synchronization
The walkthrough provides a step-by-step guide to implementing Kerberos authentication with AWS DataSync, helping organizations move away from the deprecated NTLM protocol.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Jan 28
2025
2025
AWS DataSync adds support for Kerberos authentication
Dec 12
2025
2025
AWS DataSync increases scalability and performance for on-premises file transfers
Sep 24
2024
2024
Six tips to improve the security of your AWS Transfer Family server
Jan 4
2024
2024
Implement multi-factor authentication based managed file transfer using AWS Transfer Family and AWS Secrets Manager
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.