search for: lor4na

..., wpa-supplicant, and a simple script that would retrieve the machine password with tdbdump. ( specifically tdbdump -k SECRETS/MACHINE_PASSWORD/DOMAIN /var/lib/samba/private/secrets.tdb ) On older machines running Samba 4.2 (Debian Jessie) tdbdump gives a working password such as this: ]f2>lOR4NA~hbv\00 where the actual password is ]f2>lOR4NA~hbv On newer machines running Samba 4.5 (Debian Stretch) tdbdump gives an encrypted password such as this: \EE\A9\8D\EF\AD\AC\E2\A1\9D\E2\A0\8C\E3\96\8E\E7\B0\A8\EE\97\AA\E2\8E\9F\E2\A2\8F\EB\85\BF\EE\B7\8B\EA\A7\A9\EA\97\B8\D2\86\E6\83\AB\EE\...

...You'll have to hash to make it > useful by wicd it seems (I'm guessing wicd expects the hash, not the plaintext). OK. I guess I had that backwards. I thought that the new version (\EE\A9\8D\EF\AD\AC...) was giving me an encrypted (or hashed I guess) value, and the old version ( ]f2>lOR4NA~hbv ) was the plaintext password. I'll see if I can't translate that over somehow. Thank you! James

...uld retrieve the machine password with tdbdump. > > > ( specifically tdbdump -k SECRETS/MACHINE_PASSWORD/DOMAIN /var/lib/samba/private/secrets.tdb ) > > > On older machines running Samba 4.2 (Debian Jessie) tdbdump gives a working password such as this: > > > ]f2>lOR4NA~hbv\00 where the actual password is ]f2>lOR4NA~hbv > > > On newer machines running Samba 4.5 (Debian Stretch) tdbdump gives an encrypted password such as this: > > > \EE\A9\8D\EF\AD\AC\E2\A1\9D\E2\A0\8C\E3\96\8E\E7\B0\A8\EE\97\AA\E2\8E\9F\E2\A2\8F\EB\85\BF\EE\B7\8B\EA\A7\...

...o make it > > useful by wicd it seems (I'm guessing wicd expects the hash, not the plaintext). > > OK. > > I guess I had that backwards. I thought that the new version (\EE\A9\8D\EF\AD\AC...) was giving me an encrypted (or hashed I guess) value, and the old version ( ]f2>lOR4NA~hbv ) was the plaintext password. > > I'll see if I can't translate that over somehow. The recent secrets changes to store the krb5 hashes changed some things to use a IDL defined NDR packed structure. I've not checked the details, but that might be what you are seeing. Thi...