wbinfo -a uses plaintext authentication ...
Tim Potter
tpot at samba.org
Sat Jan 12 18:25:05 GMT 2002
On Sat, Jan 12, 2002 at 09:52:03AM +1100, Andrew Bartlett wrote:
> > This seems, ummm, bad. Perhaps there should be another flag for plaintext?
>
> Its not bad - its perfectly fine.
>
> Firstly - wbinfo -a is just a testing tool, and the password is already
> on the (other user visible) command line by this stage.
I might move some of this stuff into 'net winbind'.
> Secondly: The plaintext/crap authentication methods both send a
> challange-response pair to the DC, the difference is where it is
> encrypted.
In other words the password is only sent plain text over the unix
domain socket that connects the winbind client to the winbind daemon.
Tim.
More information about the samba-technical
mailing list