[Samba] retrieve machine password in current Samba?

James Zuelow James.Zuelow at juneau.org
Fri Aug 25 22:06:59 UTC 2017 

We have a wireless network that uses 802.1x authentication, in which domain joined computers use their machine credentials to connect.


Windows machines do this automatically, and until recently Linux computers could join using wicd, wpa-supplicant, and a simple script that would retrieve the machine password with tdbdump.


( specifically tdbdump -k SECRETS/MACHINE_PASSWORD/DOMAIN /var/lib/samba/private/secrets.tdb )


On older machines running Samba 4.2 (Debian Jessie) tdbdump gives a working password such as this:


]f2>lOR4NA~hbv\00  where the actual password is  ]f2>lOR4NA~hbv


On newer machines running Samba 4.5 (Debian Stretch) tdbdump gives an encrypted password such as this:


\EE\A9\8D\EF\AD\AC\E2\A1\9D\E2\A0\8C\E3\96\8E\E7\B0\A8\EE\97\AA\E2\8E\9F\E2\A2\8F\EB\85\BF\EE\B7\8B\EA\A7\A9\EA\97\B8\D2\86\E6\83\AB\EE\82\AA\E3\A9\BB\E3\8A\8D\E2\86\9B\E2\8C\92\E6\8C\A6\EA\85\A5\E6\8F\82\EF\96\94\EF\9C\82\E7\8D\B3\E7\8F\93\E7\B8\AA\E7\A7\B7\EE\88\96\E2\A3\9B\EB\AA\B0\E6\B6\A7\EF\B6\B7\EA\A2\AD\EF\A8\88\EA\BB\B6\EE\A4\9A\E3\99\A6\EE\93\96\E2\BD\84\EB\95\93\E3\87\A2\E2\9D\98\EE\BE\8A\E6\8F\A2\EF\AE\91\EB\B5\AA\E7\A5\AF\E7\A4\A6\CD\A5\EF\80\9A\E3\AC\A9\E6\95\9E\E3\A9\BE\EE\94\82\EA\BF\94\E2\B7\8E\E2\94\96\EF\9B\BB\EA\A4\BB\E2\8B\9A\E6\B7\9C\E6\97\B7\E3\8C\BF\E3\98\9A\EA\88\89\E3\94\91\E7\88\83\E7\95\A3\EE\B6\93\EB\A2\9F\E3\94\85\EF\97\8E\E3\BE\8B\EB\BF\8A\E7\BB\8D\E7\A5\95\EB\89\83\E3\8F\A7\EA\8B\9C\EA\BA\BD\E3\BA\B5\E2\B7\BC\E7\B4\8A\EA\83\97\EB\89\8B\EE\9B\91\E2\BA\9D\EE\AC\B4\E3\A5\84\EE\A0\A1\EE\B0\A7\EF\90\AC\EF\8F\8C\E3\AB\A5\E6\96\81\E7\A6\83\EA\80\BB\E2\B9\8B\E6\B2\9F\EF\91\8E\C7\AA\E7\AB\B0\EB\A6\B7\E7\BB\B4\E6\AA\87\E2\B1\94\E2\A2\90\E7\93\BC\EE\AD\AF\E7\89\A1\E6\BA\BC\EB\85\92\EA\A2\97\EF\82\9B\E3\A4\B8\EF\AE\9B\EE\86\9B\EB\82\80\EB\99\9C\E2\A5\AB\EB\A7\8E\EA\89\89\EA\8E\B6\E3\A7\95\E7\B5\A0\E7\BF\B9>\EB\AC\8A\E3\8E\A4\E7\90\98\EA\92\B0\EF\8C\9A\E3\B4\BE\EE\8A\A5\E6\87\B0\E7\BE\90\EF\8F\95\EE\92\88\EB\88\88\E3\B2\BB\E6\97\B7\E3\98\A8\EB\A3\BD\EF\83\AA\EE\B6\B4\E2\A3\B6\E6\8C\8C\EB\83\BD\EF\A1\A8\EB\8A\A7\E3\89\92\E2\86\93\EA\BD\84\E6\83\A4\E2\B8\B5\EA\9A\A2\EB\8B\BE\EE\B5\B5\EB\9D\A3\EF\82\AF\E6\B2\A8\E3\AB\BB\EE\A6\8A\E6\A5\81\E6\A8\B3\D0\97\E6\82\8D\EE\B7\B6\EB\87\9E\EA\AE\BF\EE\A8\8D\EB\9F\8C\EA\A8\AD\EF\B8\9E\EE\BC\85\E6\AD\A1\E7\92\9D\E3\AC\9F\D9\BD\E6\BB\B1\EA\AE\AD\E3\BC\AB\CF\92\E2\8A\8D\E6\AE\8C\00


This second "password" isn't usable by wicd.


The Samba wiki still refers to getting the current machine password from secrets.tdb:  https://wiki.samba.org/index.php/Keytab_Extraction  That wiki link is about generating keytabs but the process used to retrieve the password is just like the one I was using.


Is there a currently supported method for retrieving the machine password in a form that's usable by external scripts such as wicd?


Thanks!


James

More information about the samba mailing list