Password encryption in 2.2.0

Andrew Bartlett abartlet at
Thu May 17 10:18:46 GMT 2001

"Michael B. Allen" wrote:
> On Wed, Apr 25, 2001 at 11:35:33AM -0400, Joe Meslovich wrote:
> > created. If I look at a password that had been set by the 2.0.6 version of
> > smbpasswd I get:
> >
> > jam002:8663:9C6602D2622F49641664635A22D01271:617B07A0803FA6981960CADCAA059CF3:[U
> >           ]:LCT-3AE6E102:
> Just out of curiosity, if this is the LANMAN hash, how do you compare
> for equality when the client response could be different due to the
> factoring in of the challenge key?

The key is known by both parties, and sent by the server.  The server
then just does the same factoring of the already hashed password, and
compares the result.

The password in the smbpasswd file is therefore 'plain-text equivilant'.

Andrew Bartlett

Andrew Bartlett
abartlet at

More information about the samba-technical mailing list