Must a Samba PDC use encrypted passwords?

Luke Kenneth Casson Leighton lkcl at
Sun Jun 7 14:29:44 GMT 1998

On Sat, 6 Jun 1998, Andrew Perrin - Demography wrote:

> Unless I misunderstand this, using NIS to distribute smbpasswd would be a
> huge security hold, since the smbpasswd hashes would be flying around the
> net; anybody with a sniffer would be able to glean a password-equivalent
> from this.  Am I wrong?

you are correct.  the private/smbpasswd file *MUST* be kept on local disk,
and must not be passed around.

More information about the samba-ntdom mailing list