[Samba] smb/cifs protocol thingy

Gerald (Jerry) Carter jerry at samba.org
Sat Sep 13 05:30:32 GMT 2003

Hash: SHA1

On Fri, 12 Sep 2003, Alexandru Ionica wrote:

> When a client authenticates to a samba server does he send the hash of the
> password over a clear text connection , or does he send the hash over some
> kind of encrypted connection ?.

Depends on what type of authentication you are referring to.  With NTLMv1 
and v2, the response is a generated sequence based on the original hash
but the hash is never sent.  Kerberos is a different matter.

> When there is a password change from the client, does the password travel
> in clear text over and encrypted connection, or is the password hashed ?

The old password hash is used as the key for encryption a byte stream.
The server has to have the current password hash to decode and obtain the 
clear text of the new password.  But then again there about about 4 
different ways to change passwords in the CIFS protocol.

cheers, jerry
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/


More information about the samba mailing list