[Samba] Password aging ...
C.Lee Taylor
leet at leenx.co.za
Thu Oct 17 15:42:00 GMT 2002
Greetings ...
A quick question more to confirm a few things reguarding SMB passwords,
which I hope might be able to look at for password aging.
I saw some discussion on samba-tech list, but nothing conclusive.
LM and NT hashs don't have a salt? Do they? ... In other words, a
password "password" LM hashed, always comes out as
"E52CAC67419A9A224A3B108F3FA6CB6D" not matter the case? Just checks,
but I take it a password "password" NT hashed is case sencetive, but
still no salt, which means one could search a DB of a large number of LM
or NT hashed to crack a LM/NT hash?
I understand that we can't use PAM cracklib to do password sanity, but
we could use all known hashs in a smb passwd DB, ie ... search ones
local LDAP DB for matching LM/NT hashs and not accept password.
But I think that the rpc's to look after password expire and sanity
have not been finished, am I correct in this thinking?
Thanks.
Mailed
Lee
More information about the samba
mailing list