[Samba] Storing Hashed Passwords in Credentials File
Andrew Bartlett
abartlet at samba.org
Wed Jan 21 22:38:09 GMT 2004
On Thu, 2004-01-22 at 04:08, Alon Albert wrote:
> I would like to have user specific entries in /etc/fstab
>
>
>
> I understand the proper way to do this is to use credential
> files to store the username/passwords.
> This way, event if the file gets compromised, the actual
> password is still not revieled.
Unfortunately the 'hash' we send on the wire is not something we can
store, as it varies with the challenge the server sends.
The password we would have to store would be the same as the entry in
the smbpasswd file on the server. This is sufficient to use as the
password, on a modified client. This is a property of
challenge-response authentication.
So, apart from protecting your eyeballs, there is no benefit from
storing the hashed passwords in the credentials file.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040122/39732872/attachment.bin
More information about the samba
mailing list