[KLUG Members] Re: Samba -- the politics of encrypted passwords

Bryan J. Smith members@kalamazoolinux.org
05 Dec 2002 08:32:08 -0500


On Wed, 2002-12-04 at 21:11, Jon Smitley wrote:
> OK.  I think I should probably fight my way through with the encrypted
> passwords.

Two things to remember about encrypted passwords:
 1.  They are 100% false security (verbatim "password hash")
 2.  They only affect how Windows clients make "assumptions"

If you run NT-based Windows (4.0, 5.0/5.1 aka 2000/XP), then #2 is what
matters.  #2 is why you have to retype your password when connecting to
different servers with NT-based Windows when not using encrypted
passwords.  If you enable encrypted passwords, NT-based Windows now
catches them, so you don't run into this.

Again, it's 100% false security, but it is required to make Windows
clients act differently out of 100% pure "assumption" BS.

> And thank you for your responses to this issue. But just to
> let you know a few of the things you're saying are about 6 feet over my
> head. So if you don't mind I'll ask a few questions to you about what
> is/isn't happening.  I sent a copy of smb.conf to Stu earlier because he
> helped (if not on his own) get Samba running at the last KLUG meeting,
> so if he contacts me I'll let you know.
>
> For your info I am using:
> 	RH 8.0
> 	Samba 2.2.7
> 	Webmin 1.030
> I don't have a good grasp on all the command line skills, so I use a
> GUI.

For Samba, "SWAT" (Samba Web Admin Tool) is the best, most featured.

> Basically, Win98 can see to the point that security sets in, whether it's
> at the user level or the share level.
>
> At user level I get;
> 	 //Madness/IPC$
> Password ______________
>
> At share level I get;
> 	 //Madness/sharename
> Password ___________________
> And here I'm stuck.

Are you using "share" security?  Or "user" security?


-- 
Bryan J. Smith, E.I. (BSECE)       Contact Info:  http://thebs.org
[ http://thebs.org/files/resume/BryanJonSmith_certifications.pdf ]
------------------------------------------------------------------
  The more government chooses for you, the less freedom you have.

