Kerberos 5 and NTLMv2 without SPNEGO?

Luke Howard lukeh at padl.com
Wed Jul 2 23:32:57 GMT 2008


On 02/07/2008, at 11:57 PM, Michael B Allen wrote:

> On 7/2/08, Luke Howard <lukeh at padl.com> wrote:
>>> I was able to get raw NTLMSSP w/ NTLMv2 and raw Kerberos 5 working.
>>> Hopefully it will work reliably with all the major servers.
>>>
>>
>> That's a fair concern, given that a lot of server implementations
>> were built from packet traces or incomplete documentation. NetApp, for
>> example, do not support big-endian PACs (and neither does Samba unless
>> that has been fixed recently).
>>
>>
>>> But I was not able to get NTLMv2 SMB signatures working. From
>>> looking at Samba's libsmb code the UserSessionKey calculation described in
>>> Eric Glass' NTLM doc is completely different. I'm getting the
>>> feeling that SMB just uses its own rules (as usual).
>>>
>>
>> You might take a look at the MS docs too. From memory the first 16
>> bytes of the Kerberos session key are used.
>
> Yeah, Kerberos was easy. The problem is NTLMv2 SMB signatures. From
> looking at a log level 10 of smbclient it looks like it generates the
> user_session_key in the if (ntlmssp_state->neg_flags &
> NTLMSSP_NEGOTIATE_NTLM2) { case in
> libsmb/ntlmssp.c:ntlmssp_client_challenge. I did look at [MS-NLMP]
> briefly but it wasn't obvious to me what corresponded to that code. I
> got sidetracked with client vs. server subkeys and such but it doesn't
> look like SMB uses those keys (which makes sense now because it would
> require very different signing behavior). I get the feeling the NTLM
> docs are talking about generic NTLMSSP integrity and conf whereas SMB
> does something a little different.

Right, SMB uses the session key directly for signing, unrelated to
NTLM sign/verify at the GSS layer.

-- Luke
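The point Luke makes above (SMB signs with the session key itself, not with NTLMSSP's GSS-layer sign/seal keys) and the derivation question Michael raises, shown end to end as an added example that is not part of this thread or of Samba's libsmb code: the NTLMv2 ResponseKeyNT, NtProofStr and SessionBaseKey from [MS-NLMP] 3.3.2, the optional NTLMSSP_NEGOTIATE_KEY_EXCH step from [MS-NLMP] 3.4.5.1, and then the SMB1 signature, which is MD5(SessionKey || message) truncated to 8 bytes with the sequence number written into the SecurityFeatures field first, as [MS-CIFS] describes. Only the Python standard library is used; the NT hash, challenges, blob, random session key and SMB header are constructed sample values, and all function names are mine.

```python
"""NTLMv2 session key derivation followed by SMB1 message signing.

Added example using only the standard library. Every input value below is
constructed for illustration; none comes from a real account or capture.
"""
import hashlib
import hmac
import struct

NTLMSSP_NEGOTIATE_KEY_EXCH = 0x40000000   # flag value from [MS-NLMP] 2.2.2.5
SMB1_SECURITY_FEATURES_OFFSET = 14        # 8-byte signature slot in the SMB1 header


def ntlmv2_response_key(nt_hash: bytes, user: str, domain: str) -> bytes:
    """NTOWFv2: HMAC_MD5(NT hash, UTF-16LE(uppercase(user) + domain)).

    The NT hash (MD4 of the UTF-16LE password) is taken as input so the example
    does not depend on MD4 being present in this Python's OpenSSL build.
    """
    return hmac.new(nt_hash, (user.upper() + domain).encode("utf-16-le"), hashlib.md5).digest()


def ntlmv2_session_base_key(response_key: bytes, server_challenge: bytes, temp: bytes):
    """[MS-NLMP] 3.3.2: NtProofStr and SessionBaseKey for the NTLMv2 response."""
    nt_proof_str = hmac.new(response_key, server_challenge + temp, hashlib.md5).digest()
    session_base_key = hmac.new(response_key, nt_proof_str, hashlib.md5).digest()
    return nt_proof_str, session_base_key


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (RC4K in [MS-NLMP]); used only for the KEY_EXCH wrapping step."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def exported_session_key(session_base_key: bytes, neg_flags: int,
                         encrypted_random_session_key: bytes = b"") -> bytes:
    """[MS-NLMP] 3.4.5.1: for NTLMv2, KXKEY is the SessionBaseKey itself.

    With KEY_EXCH the client chose a random key and sent it RC4-encrypted under
    KXKEY; otherwise KXKEY is the exported session key that SMB will sign with.
    """
    if neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH:
        return rc4(session_base_key, encrypted_random_session_key)
    return session_base_key


def smb1_sign(session_key: bytes, message: bytes, seq_num: int) -> bytes:
    """SMB1 signature: write the 32-bit LE sequence number plus four zero bytes
    into SecurityFeatures, then take the first 8 bytes of MD5(key || message)."""
    buf = bytearray(message)
    off = SMB1_SECURITY_FEATURES_OFFSET
    buf[off:off + 8] = struct.pack("<I", seq_num) + b"\x00" * 4
    return hashlib.md5(session_key + bytes(buf)).digest()[:8]


def smb1_verify(session_key: bytes, message: bytes, seq_num: int) -> bool:
    """Receiver side: recompute and compare in constant time against the field."""
    off = SMB1_SECURITY_FEATURES_OFFSET
    expected = smb1_sign(session_key, message, seq_num)
    return hmac.compare_digest(expected, message[off:off + 8])


def build_sample_smb1_message() -> bytes:
    """Constructed 32-byte SMB1 header (SecurityFeatures zeroed) plus an empty body."""
    header = b"\xffSMB" + bytes([0x2E]) + b"\x00" * 4 + b"\x18" + b"\x07\xc8"  # 12 bytes
    header += b"\x00\x00"            # PIDHigh
    header += b"\x00" * 8            # SecurityFeatures: signature goes here
    header += b"\x00\x00" + b"\x01\x00" + b"\x34\x12" + b"\x02\x00" + b"\x05\x00"
    assert len(header) == 32
    return header + b"\x00\x00\x00"  # WordCount = 0, ByteCount = 0


def demo() -> dict:
    nt_hash = bytes.fromhex("00112233445566778899aabbccddeeff")        # constructed
    server_challenge = bytes.fromhex("0123456789abcdef")               # constructed
    temp = b"\x01\x01" + b"\x00" * 6 + b"\x00" * 8 + bytes.fromhex("aabbccddeeff0011") + b"\x00" * 4
    random_session_key = bytes.fromhex("ffeeddccbbaa99887766554433221100")  # constructed

    response_key = ntlmv2_response_key(nt_hash, "alice", "EXAMPLE")
    _nt_proof_str, base_key = ntlmv2_session_base_key(response_key, server_challenge, temp)
    encrypted = rc4(base_key, random_session_key)   # EncryptedRandomSessionKey field
    session_key = exported_session_key(base_key, NTLMSSP_NEGOTIATE_KEY_EXCH, encrypted)

    msg = build_sample_smb1_message()
    sig = smb1_sign(session_key, msg, seq_num=2)
    off = SMB1_SECURITY_FEATURES_OFFSET
    signed = msg[:off] + sig + msg[off + 8:]
    tampered = signed[:-1] + bytes([signed[-1] ^ 0x01])
    return {
        "session_key": session_key,
        "signature": sig,
        "verify_ok": smb1_verify(session_key, signed, 2),
        "verify_tampered": smb1_verify(session_key, tampered, 2),
        "verify_wrong_seq": smb1_verify(session_key, signed, 3),
    }
```

Because KXKEY equals SessionBaseKey for NTLMv2 regardless of the NTLMSSP_NEGOTIATE_NTLM2 flag, the only negotiate flag that changes which key SMB signs with is KEY_EXCH; the GSS-layer signing and sealing keys that [MS-NLMP] derives from the exported session key are never used by SMB signing, which is Luke's point. On the receiving side, a signature mismatch or a reused sequence number should be treated as a protocol error and the message dropped, as `smb1_verify` returning False indicates.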

