DOS Client and Basic Redirector and security=user (PR#1378)
Andrew Tridgell
samba-bugs at samba.anu.edu.au
Fri Oct 31 12:45:56 GMT 1997
> It turns out that the MS Network Client for DOS Basic Redirector _always_
> sends a 24 byte password. So, I guessed at encryption, got 'libdes',
> recompiled my smbd (again), found a 'spare' Silicon Graphics server and
> installed Encryption on it. (ENCRYPTION.txt is very good).
Yep, good guess. All encrypted passwords in SMB are 24 bytes long. The
"basic redirector" must ignore the "use encryption bit" in the negotiate
protocol response.
> Only one gripe (other than the 'Basic' redirector not doing plain-text
> passwords of course) is that there's no way for Samba to take the encrypted
> string it's been sent, deduce the plain text password, and try that as
> well. Is there?
Well, it would be possible, but would take a huge amount of CPU time per
login (or a very very large lookup table on disk). The encryption system
used is quite weak but not weak enough for real-time decryption on todays
systems.
You might also like to spend some time investigating whether the client
can be forced to not use encryption. I have vague memories of this
being configurable.
Andrew
More information about the samba
mailing list