Odp: AW: win2000 + unix

Rafał Szcześniak rszczesniak at mis.com.pl
Thu Sep 28 15:53:38 GMT 2000


Steve Langasek <vorlon at netexpress.net>
00-09-28 17:44

 
        To:     Rafał Szcześniak <rszczesniak at mis.com.pl>
        Cc:     Robert Wieczorek <Robert.Wieczorek at Telelogic.de>, samba-ntdom at us4.samba.org
        Subject:  Re: Odp: AW: win2000 + unix

On Thu, 28 Sep 2000, Rafał Szcześniak wrote:

> Why don't you use encrypted passwords ???
> It's much, much safer.

This is misleading.  Using encrypted passwords is much safer *from network
eavesdropping*.  But like CHAP (one of Microsoft's other favorite protocols),
it requires storing plaintext passwords (or their equivalent) on the server,

Can you explain to me, then, where Samba stores plaintext passwords when it
uses encrypted passwords on the wire?

Rafał


making the server a much more valuable target for a cracker.  If you offer
other services that use plaintext password exchange, then storing
plaintext-equivalent passwords on the server could weaken security rather
than strengthening it.

Steve Langasek
postmodern programmer
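
Added example, not part of the original thread: a toy challenge-response login next to a salted-hash login, showing why the value a challenge-response server keeps is "plaintext-equivalent" and why that password file needs the same protection as cleartext passwords. HMAC-SHA256 and PBKDF2 stand in for the real SMB and Unix algorithms, and every function name here is hypothetical.

```python
import hashlib
import hmac
import os

def stored_secret(password: str) -> bytes:
    # Value the challenge-response server keeps per user (toy stand-in).
    return hashlib.sha256(password.encode()).digest()

def response(secret: bytes, challenge: bytes) -> bytes:
    # What a client sends: a keyed function of the server's challenge.
    return hmac.new(secret, challenge, hashlib.sha256).digest()

def verify_challenge_response(db_secret: bytes, challenge: bytes, resp: bytes) -> bool:
    # The server recomputes the response from its stored value alone.
    return hmac.compare_digest(response(db_secret, challenge), resp)

def make_salted_record(password: str):
    # Value a plaintext-on-the-wire server keeps: salt plus slow one-way digest.
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def verify_plaintext_login(record, submitted: str) -> bool:
    salt, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", submitted.encode(), salt, 100_000)
    return hmac.compare_digest(candidate, digest)

def demo() -> dict:
    password = "constructed-sample-password"  # constructed sample value
    db_secret = stored_secret(password)
    challenge = os.urandom(8)
    record = make_salted_record(password)
    return {
        # Normal client: derives the secret from the typed password.
        "cr_from_password": verify_challenge_response(
            db_secret, challenge, response(stored_secret(password), challenge)),
        # A copy of the database entry is enough to answer the challenge,
        # so the stored value works as a credential by itself.
        "cr_from_db_copy": verify_challenge_response(
            db_secret, challenge, response(db_secret, challenge)),
        # Salted scheme: the real password is accepted...
        "plain_from_password": verify_plaintext_login(record, password),
        # ...but the stored digest, submitted as the password, is not.
        "plain_from_db_copy": verify_plaintext_login(record, record[1].hex()),
    }

if __name__ == "__main__":
    print(demo())
```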
