[Samba] retrieve machine password in current Samba?
James Zuelow
James.Zuelow at juneau.org
Fri Aug 25 22:06:59 UTC 2017
We have a wireless network that uses 802.1x authentication, in which domain joined computers use their machine credentials to connect.
Windows machines do this automatically, and until recently Linux computers could join using wicd, wpa-supplicant, and a simple script that would retrieve the machine password with tdbdump.
( specifically tdbdump -k SECRETS/MACHINE_PASSWORD/DOMAIN /var/lib/samba/private/secrets.tdb )
On older machines running Samba 4.2 (Debian Jessie) tdbdump gives a working password such as this:
]f2>lOR4NA~hbv\00 where the actual password is ]f2>lOR4NA~hbv
On newer machines running Samba 4.5 (Debian Stretch) tdbdump gives an encrypted password such as this:
\EE\A9\8D\EF\AD\AC\E2\A1\9D\E2\A0\8C\E3\96\8E\E7\B0\A8\EE\97\AA\E2\8E\9F\E2\A2\8F\EB\85\BF\EE\B7\8B\EA\A7\A9\EA\97\B8\D2\86\E6\83\AB\EE\82\AA\E3\A9\BB\E3\8A\8D\E2\86\9B\E2\8C\92\E6\8C\A6\EA\85\A5\E6\8F\82\EF\96\94\EF\9C\82\E7\8D\B3\E7\8F\93\E7\B8\AA\E7\A7\B7\EE\88\96\E2\A3\9B\EB\AA\B0\E6\B6\A7\EF\B6\B7\EA\A2\AD\EF\A8\88\EA\BB\B6\EE\A4\9A\E3\99\A6\EE\93\96\E2\BD\84\EB\95\93\E3\87\A2\E2\9D\98\EE\BE\8A\E6\8F\A2\EF\AE\91\EB\B5\AA\E7\A5\AF\E7\A4\A6\CD\A5\EF\80\9A\E3\AC\A9\E6\95\9E\E3\A9\BE\EE\94\82\EA\BF\94\E2\B7\8E\E2\94\96\EF\9B\BB\EA\A4\BB\E2\8B\9A\E6\B7\9C\E6\97\B7\E3\8C\BF\E3\98\9A\EA\88\89\E3\94\91\E7\88\83\E7\95\A3\EE\B6\93\EB\A2\9F\E3\94\85\EF\97\8E\E3\BE\8B\EB\BF\8A\E7\BB\8D\E7\A5\95\EB\89\83\E3\8F\A7\EA\8B\9C\EA\BA\BD\E3\BA\B5\E2\B7\BC\E7\B4\8A\EA\83\97\EB\89\8B\EE\9B\91\E2\BA\9D\EE\AC\B4\E3\A5\84\EE\A0\A1\EE\B0\A7\EF\90\AC\EF\8F\8C\E3\AB\A5\E6\96\81\E7\A6\83\EA\80\BB\E2\B9\8B\E6\B2\9F\EF\91\8E\C7\AA\E7\AB\B0\EB\A6\B7\E7\BB\B4\E6\AA\87\E2\B1\94\E2\A2\90\E7\93\BC\EE\AD\AF\E7\89\A1\E6\BA\BC\EB\85\92\EA\A2\97\EF\82\9B\E3\A4\B8\EF\AE\9B\EE\86\9B\EB\82\80\EB\99\9C\E2\A5\AB\EB\A7\8E\EA\89\89\EA\8E\B6\E3\A7\95\E7\B5\A0\E7\BF\B9>\EB\AC\8A\E3\8E\A4\E7\90\98\EA\92\B0\EF\8C\9A\E3\B4\BE\EE\8A\A5\E6\87\B0\E7\BE\90\EF\8F\95\EE\92\88\EB\88\88\E3\B2\BB\E6\97\B7\E3\98\A8\EB\A3\BD\EF\83\AA\EE\B6\B4\E2\A3\B6\E6\8C\8C\EB\83\BD\EF\A1\A8\EB\8A\A7\E3\89\92\E2\86\93\EA\BD\84\E6\83\A4\E2\B8\B5\EA\9A\A2\EB\8B\BE\EE\B5\B5\EB\9D\A3\EF\82\AF\E6\B2\A8\E3\AB\BB\EE\A6\8A\E6\A5\81\E6\A8\B3\D0\97\E6\82\8D\EE\B7\B6\EB\87\9E\EA\AE\BF\EE\A8\8D\EB\9F\8C\EA\A8\AD\EF\B8\9E\EE\BC\85\E6\AD\A1\E7\92\9D\E3\AC\9F\D9\BD\E6\BB\B1\EA\AE\AD\E3\BC\AB\CF\92\E2\8A\8D\E6\AE\8C\00
This second "password" isn't usable by wicd.
The Samba wiki still refers to getting the current machine password from secrets.tdb: https://wiki.samba.org/index.php/Keytab_Extraction That wiki link is about generating keytabs but the process used to retrieve the password is just like the one I was using.
Is there a currently supported method for retrieving the machine password in a form that's usable by external scripts such as wicd?
Thanks!
James
More information about the samba
mailing list