[Samba] password complexity bypasswd by check password script

Jonathon Reinhart jonathon.reinhart at gmail.com
Thu Feb 24 22:35:26 UTC 2022

On Thu, Feb 24, 2022 at 5:24 PM Francis <francisd at gmail.com> wrote:
> Le jeu. 24 févr. 2022 à 17:03, Jonathon Reinhart <jonathon.reinhart at gmail.com> a écrit :
>> Francis, can you share what solution you are using for checking
>> against HIBP? I'm fairly happy with my solution; it is very fast due
>> to the binary-search algorithm. However, I'm not thrilled with the
>> need for a wrapper script, as I indicate here:
>> https://gitlab.com/JonathonReinhart/passhashdb/-/tree/master#use-with-samba
>>  Perhaps someone has a better idea for dealing with the database path
>> and log path. I was trying to avoid another config file, but I guess
>> the wrapper script serves the same purpose...
> Nothing fancy, I use this script: https://github.com/sfonteneau/haveibeenpwnd_for_check_password_script_samba (I'm not the author).

Ah, okay. That uses the haveibeenpwnd [1] Python library. This was
undesirable for me because (a) I didn't want to rely on an internet
connection/service and (b) didn't want to send any amount of my users'
password hashes to the internet. So I wrote passhashdb [2] to do it
locally.  I suppose both solutions could be included on the Wiki.

[1] https://pypi.org/project/haveibeenpwnd/
[2] https://gitlab.com/JonathonReinhart/passhashdb

More information about the samba mailing list