PROPOSAL: deprecate plaintext password support (in SMB1) for 4.11?

Nico Kadel-Garcia nkadel at
Wed Sep 4 22:46:46 UTC 2019

On Wed, Sep 4, 2019 at 8:07 AM Rowland penny <rpenny at> wrote:

> Given that the default in smb.conf for  'encrypt passwords' is 'yes' and
> has been so since (at least) Samba 3.6.x, deprecating it will not change
> anything and removing it, not much more.
> In case you haven't guessed by now, I am all for the removal, who thinks
> it is a good idea to send unencrypted passwords over the lan ?
> Rowland

People who wanted to be able to sniff them, or comply with requests to
sniff them. They still do, and send passwords in plain text, and send
clients passwords rather than send them a way to set a password.

More information about the samba-technical mailing list