Deprecate auth parameters in 3.6, remove in master?

TAKAHASHI Motonobu monyo at monyo.com
Fri Jan 28 17:41:45 MST 2011


2011/1/29 Andrew Bartlett <abartlet at samba.org>:
> On Sat, 2011-01-29 at 07:29 +1000, Andrew Bartlett wrote:
>> On Sat, 2011-01-29 at 01:01 +0900, TAKAHASHI Motonobu wrote:
>> > 2011/1/28 Andrew Bartlett <abartlet at samba.org>:
>> > > On Fri, 2011-01-28 at 11:58 +0100, Björn Jacke wrote:
>> > >> > encrypt passwords = no
>> > >>
>> > >> not sure how many people actually still use this. I think I'd like to keep
>> > >> this.
>> > >
>> > > The point with the plaintext password code is that it performs a
>> > > server-side brute force attack (see password level) on the plaintext
>> > > password (due to case sensitivity), and just does not work properly with
>> > > Windows clients (almost any) due to lack of caching (causing really
>> > > weird reconnect failure) and the need to set registry hacks.  So it is
>> > > both a security risk and a
>> > >
>> > > There certainly are users of this, but we need to move them to other
>> > > more secure solutions to their needs, and that starts by marking it as
>> > > deprecated.
>> >
>> > Sharity-Light is one product using a plaintext password to access an
>> > SMB server. Sharity-Light is included in the Ports of *BSD.
>> >
>> > If LMCompatibilitylevel < 4, then plaintext passwords are supported at the
>> > SMB server.
>>
>> I agree that there are tools that can still use plain text, but I don't
>> know of any that can't at least do LM authentication, and even that is
>> incredibly insecure.  We should simply not support such insecure
>> protocols.
>
> Hmm, perhaps I misunderstood.  Are you saying that there is no other way
> to use CIFS from FreeBSD that does not use plaintext passwords?
>
> Andrew Bartlett

No, FreeBSD has mount_smbfs which can use NTLMv1 (not NTLMv2 or
SMB signing) to access SMB servers.

Sharity-Light is a very old product:
http://www.obdev.at/products/sharity-light/index.html . As far as I
know, this is the only way to 'mount' a CIFS share from some
commercial UNIXes with a free tool, but as you said, plaintext
authentication should be deprecated.

Plaintext authentication is already turned off (from 3.2.0) by default.
Unless a user explicitly turns it on, supporting it causes no additional
security risk.

So I think that in the Samba 3.x series this function should be left as
it is, the same as "security = share".

---
TAKAHASHI Motonobu <monyo at samba.gr.jp>
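
For reference, the smb.conf settings this thread is arguing over, shown once in the weak form under discussion and once in a hardened form. This is an added example, not configuration from the thread, from Samba's documentation or from any poster; the workgroup, share name, path and group are assumptions, the parameter names are real Samba 3.x options.

```ini
# Constructed example, not from the thread or the Samba sources: the
# smb.conf parameters discussed above, weak form first, hardened second.
# Parameter names are real Samba 3.x options; workgroup, share and path
# are made up. smb.conf does not allow trailing comments, so every comment
# sits on its own line.

# ---- Weak: the configuration the thread proposes to deprecate ----
[global]
    workgroup = EXAMPLE
    # share-level access, no per-user identity
    security = share
    # client sends the password in the clear
    encrypt passwords = no
    # smbd retries the logon with up to 4 characters upper-cased,
    # the server-side brute force Andrew refers to
    password level = 4
    # accept LM responses (upper-cased, 14 chars max, two independent halves)
    lanman auth = yes

[public]
    path = /srv/samba/public
    guest ok = yes

# ---- Hardened: the direction the thread argues for ----
[global]
    workgroup = EXAMPLE
    # per-user authentication
    security = user
    # challenge/response only (the default); no plaintext on the wire
    encrypt passwords = yes
    # exact-case match, a single hash comparison per attempt
    password level = 0
    # refuse LM responses
    lanman auth = no
    # refuse NTLMv1 as well; this locks out NTLMv1-only clients such as the
    # FreeBSD mount_smbfs mentioned above, so keep it at yes if you need them
    ntlm auth = no
    # require SMB signing so sessions cannot be tampered with in transit
    server signing = mandatory
    # smbclient, winbind and friends send NTLMv2 only
    client ntlmv2 auth = yes
    client lanman auth = no
    client plaintext auth = no

[public]
    path = /srv/samba/public
    valid users = @staff
```

The two [global] sections are alternatives, not one file; run `testparm` against whichever you adopt.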
