[Duplicacy Web] Support for SAMBA credentials

Hello, Duplicacy Web supports SAMBA under Windows but only if the connection information is pre-registered on the Windows user account that launches the Duplicacy Web service.

This is problematic because it involves permanent access to the SAMBA storage, in the event of infection by a crypto virus the backups can be corrupted without the need to authenticate.

Ideally, Duplicacy Web should be able to store the connection information to the SAMBA shares itself so that it can only be accessed by it.

Can this be set up easily ?

1 Like

This logic only works if Duplicacy is able to maintain its own internal-only connection to the network share without getting the OS to pre-mount. I know of few tools (Veeam Agent springs to mind) that don’t rely on the OS to maintain a network connection, and depending on how this is done, could still leave a window of opportunity for malware to infect during the mount window.

A native implementation sounds like a good amount of work for what could be accomplished better with e.g. sftp, but if an existing library exists, and exposure to the share outside of Duplicacy can be guaranteed, then sure this might be a good idea. TBH though, I’d still personally roll with sftp as the better security.


OK, but SSH/SFTP is very slow compared to SAMBA.

@gchen do you think this is possible ?

I found this: GitHub - hirochachacha/go-smb2: SMB2/3 client library written in Go.

It should be possible to build a SAMBA backend on top of this library. I’ll give it a try.

Great :slight_smile:

Many thanks for this

Hi, any news for this ? :slight_smile:

To raise the topic :slight_smile:

I will work on it next week.

Yeh :smiley:

Many thanks !