Karel Kulhavy
2004-Sep-01 12:44 UTC
[Samba] encrypted passwords: what negotiation with what client?
Hello man smb.conf encrypt passwords says: "This boolean controls whether encrypted passwords will be negotiated with the client. Note that Windows NT 4.0 SP3 and above and also Windows 98 will by default expect encrypted passwords unless a registry entry is changed." What does this mean? From my point of view it can mean 4 totally different things: 1) That when I run smbd with encrypt passwords = no and NT4.0 client with default installation, it won't work because NT4.0 client will send encrypted password and Samba require a plaintext password? 2) That when I run smbd with encrypt passwords = no and NT4.0 client with default installation, it will work, because NT4.0 client will albeit expect encrypted passwords, however will resort to unencrypted passwords upon being told by the server they are the only available option? 3) That when I run smbclient //windows_machine_with_nt40/share with encrypt passwords = no, it won't work because NT4.0 server will expect encrypted bassword and will be supplied with unencrypted one 4) That when I run smbclient //windows_machine_with_nt40/share with encrypt passwords = no, it will work, because NT4.0 server will albeit expect encrypted passwords, however will resort to accepting unencrypted one after being told by smbclient unencrypted ones are the only possible option? Basically, the manpage doesn't say two things: 1) whether this relates to a win client -> samba server or samba client -> win server case 2) What does the word "expect" mean. What does encrypt passwords = no mean? From my point of view it can mean 3 totally different things: 1) Encrypted passwords won't be negotiated at all (i. e., it will be left up to the client whether encrypted or unencrypted passwords will be used) 2) Unencrypted passwords will be negotiated with the client and if the client refuses to use unencrypted passwords, then the connection will be terminated 3) Unencrypted passwords will be negotiated with the client, however if the client refuses to use unencrypted passwords, then encrypted ones will be used? Basically the man page says what happens when I say "yes", but doesn't say anything what happens when I say "no". Cl<
Seemingly Similar Threads
- Unencrypted passwords -> Encrypted passwords: can't revert WinNT4 to use encrypted passwords
- Unencrypted/encrypted passwords when connecting from Linux to Win98
- Encrypted passwords for Windows 2000
- Samba 3.0.23c won't let NT4 access shares
- Encrypted IMAP only from Internet, unencrypted POP3 from internal network
Wisdom of the Ancients
