problems with smbpasswd (joining a SAMBA-Domain)

Murray Gibbins wibble at morpheus.ednet.co.uk
Sun Oct 17 23:33:05 GMT 1999


tschweikle at FIDUCIA.de wrote:
> 
> junglin <junglin at uni-muenster.de> schrieb:
> 
> > On Tue, 12 Oct 1999, Gerald Carter wrote:
> >>
> >> Also need 'encrypt passwords = yes'
> >
> > Is this really necessary? I've good reasons to set 'encrypt passwords = no'.
> > (i.e. the user-database is quite large (about 40.000) and not maintained by
> > me...)
> 
> It is.
> 
> There are no good reasons to have "encript passwords = no". Everyone will be
> possible to sniff these from your network.
> You do not have any data to be secured?
> 
> --
Having "encript passwords = yes" still allows access, the password is
always encripted into the same string each time, into so-called 'text
equalent passwords' all a sniffer needs to is itentify the packets
makeing up this  encripted password and send it off the the sever, which
will validate it.

Thje best solution is to show people how to use 'ssh' or 'pgp', or even
better replace all win32 with Linux, then run it over a 'switch ethernet
hub'.

-- 
Yours

Murray

Sys. Admin Morpheus Private Home Networks

--------------------------------------
Morpheus Private Home Networks

Admin: wibble at morpheus.ednet.co.uk
--------------------------------------


More information about the samba-ntdom mailing list