DOS Client and Basic Redirector and security=user (PR#1378)

Andrew Tridgell samba-bugs at
Fri Oct 31 12:45:56 GMT 1997

> It turns out that the MS Network Client for DOS Basic Redirector _always_
> sends a 24 byte password.  So, I guessed at encryption, got 'libdes',
> recompiled my smbd (again), found a 'spare' Silicon Graphics server and
> installed Encryption on it.  (ENCRYPTION.txt is very good).

Yep, good guess. All encrypted passwords in SMB are 24 bytes long. The
"basic redirector" must ignore the "use encryption bit" in the negotiate
protocol response.

> Only one gripe (other than the 'Basic' redirector not doing plain-text
> passwords of course) is that there's no way for Samba to take the encrypted
> string it's been sent, deduce the plain text password, and try that as
> well.  Is there?

Well, it would be possible, but would take a huge amount of CPU time per
login (or a very very large lookup table on disk). The encryption system
used is quite weak but not weak enough for real-time decryption on todays

You might also like to spend some time investigating whether the client 
can be forced to not use encryption. I have vague memories of this 
being configurable.


More information about the samba mailing list