Password Synchronization
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Sat Dec 27 16:25:59 GMT 1997
On Wed, 24 Dec 1997, Roeland M.J. Meyer wrote:
> At 22:00 24-12-97 +1100, Luke Kenneth Casson Leighton wrote:
> >At 21:21 24-12-97 +1100, F. G. P. wrote:
>
> >>I think, taking the encrypted password from /etc/passwd or /etc/shadow and
> >>use it as nt-password is inpossible, because linux/unix uses a one-way
> >>hash function to encrypt passwords, therefore it (should?) not be possible
> >>to get the plaintext-password out of the /etc/passwd or /etc/shadow file.
> >>
> >>Password on an nt-server are also encrypted (I hope so!!), but I believe
> >>microsoft uses a reversible encryption.
> >>
> >>This means, transforming an unix-password into an nt-password with only
> >>knowing the encrypted text from /etc/passwd or /etc/shadow would actually
> >>mean decrypting the password - which should be inpossible for todays
> >>computers.
>
> >>The reverse transformation , from an nt-encrypted password to an
> >>unix-password should be possible - but I don't know any program which
> >>would do this
>
> >user: lkcl
> >password: foo
> >
> >if (strequal(unixcrypt(lmcrypt(foo)), getunixlmpasswd(lkcl)))
> >...
>
> Regardless of how it's done, it'll take too many CPU cycles to do, for a
> production machine. Basically, what is asked for is a crack process on the
> SMB passwd, to be run each time the passwd changes. Even if it is strictly
i wasn't thinking of crack solutions, i was thinking of a way of merging
unix and nt logins. but then realised that that is simply not possible.
except with PAMs.
lukes
More information about the samba
mailing list