[Samba] Encryption
Andrew Bartlett
abartlet at samba.org
Tue Nov 5 05:45:00 GMT 2002
On Tue, 2002-11-05 at 16:49, Howard Huntley Jr. wrote:
> I compiled the source, My understand is that the encryption support has to
> be compiled
> into the binary. If not the "encrypt passwords = Yes" function in smb.conf.
> is meaning less,
Your understanding is incorrect. Samba's support for the LM and NTLM
challenge-response authentication scheme ('encrypted passwords') is
compiled into every Samba installation since well before 2.0.
The option controls the use of that authentication scheme, because it
cannot be used with a standard /etc/passwd file, nor PAM's
authentication support. As such, some sites prefer that it be disabled
for integration into their existing systems. (You must maintain an
smbpasswd file manually, or integrate into an existing NT-compatible
domain).
Use of 'encrypt passwords = yes' is highly recommended, not only for
network security, but also for client interoperability - there are weird
bugs in MS products when using plain-text passwords.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20021105/c1674def/attachment.bin
More information about the samba
mailing list