Generatig Encrypted smbpasswd file

[Peter Galbavy]

On Tue, May 04, 1999 at 11:53:48PM +1000, Matt Chapman wrote:
> > > I would therefore be glad if anyone out there could help me with an
> > > easier way of generating the encrypted smbpasswd from either the
> > > /etc/passwd or /etc/shadow password file without the 32X's but the
> > > actual
> > > encrypted smbpasswd file.
> >
> > Unfortunately there is no way to do this.
> 
> .. not because we are sadistic, but because the UNIX and Windows
> "encrypted" passwords are incompatible one-way hashes.

I have always, in my ignorance of the protocols, wonder this; on a
setup where the passwords are only checked against the smbpasswd file
and not "transmitted" to any other servers etc, is it not possible to
support a backdoor use of the UNIX crypt format ? Even if it is down
to using the crypt()'ed string as the password for samba and then just
doing final, local comparisons.

I can understand where integration with an NT domain with real M$
servers would make this impossible, but where I (or others) want
to run samba as the *only* servers is this sort of thing even
feasible (let alone desirable) ?

-- 
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com /http://www.wonderland.org/ http://www.literature.org/