SMBpassword and UNIX password sync?

Roeland M.J. Meyer rmeyer at
Sat Feb 21 08:37:21 GMT 1998

At 04:10 20-02-98 +1100, Tim Winders wrote:
>I would like to implement samba encrypted passwords.  I have read the
>ENCRYPTION.txt file and see how to create the initial (no access) smbpassd
>file from the UNIX /etc/passwd file, but it seems that each user (or root)
>then has to change their samba password.  This is not practical for my
>If I understand the encryption scheme then there is no way to initally
>read the /etc/passwd file and put THAT password into the smbpasswd file.
>So... my question...

It's really not an ecryption algorithm, it's a one-way hash. It can never
be de-crypted. However, because the salt value is stored as part of the
passwd, it is vulnerable to brute-force dictionary attacks.

>Is there anyway to syncronize the /etc/passwd and smbpasswd files such
>that when a user changes their UNIX passwd, their smbpasswd will
>automatically get created if one does not exist or changed their smbpasswd
>if one DOES exist?

Wrap both passwd amd smbpasswd, and maybe even yppasswd, with a perl/expect
script which will do this for all systems when the user does a passwd
change. We even are building a web-page/cgi-script that does this for our

>I am running Digital Unix 4.0D, no shadow password, no C2.  I am open to
>using a different UNIX passwd program if that will help.  Thanks!

You *really* don't want to do that.
Roeland M.J. Meyer, ISOC (InterNIC RM993)
e-mail:		mailto:rmeyer at
Personalweb pages:
Company web-site:
Watch for the SecureMail system at MHSC.NET

More information about the samba mailing list