[linux-cifs-client] Linux CIFS NTLMSSP mount failing against win2k8

Shirish Pargaonkar shirishpargaonkar at gmail.com
Tue Apr 13 22:45:49 MDT 2010

On Tue, Apr 13, 2010 at 6:01 PM, Andrew Bartlett <abartlet at samba.org> wrote:
> On Sun, 2010-04-11 at 19:40 -0400, Jeff Layton wrote:
>> I don't think that's right. CIFS_SESS_KEY_SIZE is 24 bytes. According
>> to the MS-NLMP document, the session key should be 16 bytes. The
>> signing key is different with NTLMSSP than with "raw" NTLM and NTLMv2.
> So, with NTLMSSP the 24 byte (actually variable, it is much lager for
> NTLMv2) response is not included in the MAC calculation - just use the
> 16 bytes session key only.

Does this apply to both ntlm and ntlmv2 authentications because for ntlm
authentication, session key is 16 bytes but not for ntlmv2 authentication?

I thought MAC key is generated by concatenating the smb session key
with ntlm/ntlmv2
client response to the server challenge.


> Andrew Bartlett
> --
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> Samba Developer, Cisco Inc.

More information about the samba-technical mailing list