I have an HP OfficeJet 8600 printer in my office that's around 10 years old but still works perfectly fine. I occasionally use this printer to scan to a samba share hosted on my DD-WRT router. I recently upgraded the software on the router, and I'm redoing everything to make sure it's all up to date and secure as I sometimes scan sensitive documents. The router/network is well secured, but better safe than sorry.
Problem is, this printer never received updates to it's samba client or TLS. TLS isn't a big deal as it's only used for the web interface and I can easily override the minimum version in Firefox. The issue is the samba client -- it's using an old version. What would be the best solution to this problem? edit: it's SMBv1. oof.
I thought of two possible solutions but I would like to ask the community if they have a better solution. I will note that I have a Gentoo server in my house as well as the DD-WRT router.
- set up a VM on my server (Alpine probably), that hosts the insecure samba. after scanning it will then automatically move the scanned files to my secure samba share.
- is there a way to set the minimum samba version per-user? if so I could create a specific user and share for the printer that uses this login with the old samba version. after scanning it will again move the files to my secure share.
I assume option 1 would be the most secure, but all other suggestions are appreciated. Thanks!
It's a shame that HP didn't support this printer, it's really nice and has served me well for 10 years. Well, what can you do ¯\_(ツ)_/¯
