[Samba] encrypted passwords and /etc/passwd
DA Forsyth
iwrTech at iwr.ru.ac.za
Wed Sep 1 09:06:58 GMT 2004
On 31 Aug 2004 , Karel Kulhavy entreated about
"[Samba] encrypted passwords and /etc/passwd":
} Isn't it possible to tell Samba server that on the way between a
} client and the server, the passwords sould be encrypted, and after
} decryption, they will be checked against /etc/passwd and not
} smbpasswd, tdb or whatever backend?
passwords are never decrypted since they use a one way hash function.
in other words, the CANNOT be decrypted, for good security reasons.
when a server stores your password, it stores the encrypted version,
and can only check an encrypted password against that.
Windows and Unix use different password encryption
therefore, in order to use the Unix encrypted hash in the
/etc/passwd, the unix box needs to receive the plain text password
from Windows so it can encrypt it itself. Windows encrypted
passwords are stored in smbpasswd and are incompatible with the
/etc/passwd format
--
DA Fo rsyth Network Supervisor
Principal Technical Officer -- Institute for Water Research
http://www.ru.ac.za/institutes/iwr/
More information about the samba
mailing list