How to get the "Signing Session Key" using "User Session Key" for NTLMv2?

Andrew Bartlett abartlet at
Sun Mar 20 06:04:40 MDT 2011

On Fri, 2011-03-18 at 17:52 +0530, Narendra Kumar S.S wrote:
> Hi,
>       I am trying to write some functionality of SMB server.
>       From my code, I am sending a AUTH_CRAP message to winbindd daemon.
>       That is successful and sending back the response.
>       In this response, I have the user session key.
>       Now, I have to use this to find the "Signing Session Key".
>       I am doing hmac_md5 twice on this "User Session Key".
>       But, the result that I am getting is wrong.
>       So, can somebody tell me, the correct way to calculate "Signing
> Session Key" from "User Session Key" given out by winbindd?

Are you looking for the key used in smb1 smb signing?  I think it's just
the key winbindd gives, unless modified by NTLMSSP key exchange.  Look
over the Samba source code, the key returned by the auth subsystem is
that which winbindd gives (ie what a remote DC gives), and you can
follow the derivations from there.  

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.

More information about the samba-technical mailing list