Default encrypted passwords = yes?

Scott Gifford sgifford at
Thu Sep 27 10:44:04 GMT 2001

Jay Ts <jay at> writes:


> 2. Even if the above were not true, from a security perspective a
>    Samba server with non-encrypted passwords is only good for an
>    "evaluation" Samba installation.


This isn't really true...We used Samba extensively at a previous job
for letting Web designers working in Windows easily update Web pages
stored on our UNIX Web server.  We used their regular UNIX passwords
(it was hard enough getting them to change their passwords once in
awhile, let alone getting them to change two...) and plaintext
authentication.  The network was trusted and the users were trusted,
and we never had any problems with it.


More information about the samba-technical mailing list