search for: igbwageacwbzahcabwbyagqaiga

On Tue, Oct 8, 2019, 07:45 Rowland penny via samba <samba at lists.samba.org> wrote: > On 08/10/2019 12:27, Elias Pereira via samba wrote: > > hello list, > > > > What kind of hashing/encryption samba4 ADDC uses for user passwords? > base64? > Base64 is neither a hash nor an encryption algorithm; it is an encoding. > > > Thanks! > > > Basically

...n my Hard drive ;-) > > Are you saying Samba stores plaintext passwords in the database? > > No, that bit of bash turns a plain password into what you would store in > the users 'unicodePwd' attribute. > > For instance, if $PASSWORD == password , you would get > 'IgBwAGEAcwBzAHcAbwByAGQAIgA=' > > Rowland I appreciate that this is how to pass the plaintext password for setting it, for storage by the Kerberos back end. If Samba is using Kerberos in normal fashion, *nothing* ever sees the plain text password again. A decent explanation lives at https://www.roguelynn.com/words/...

...Where is this scheme applied? On my Hard drive ;-) > Are you saying Samba stores plaintext passwords in the database? No, that bit of bash turns a plain password into what you would store in the users 'unicodePwd' attribute. For instance, if $PASSWORD == password , you would get 'IgBwAGEAcwBzAHcAbwByAGQAIgA=' Rowland > > Jonathon

...) >>> Are you saying Samba stores plaintext passwords in the database? >> No, that bit of bash turns a plain password into what you would store in >> the users 'unicodePwd' attribute. >> >> For instance, if $PASSWORD == password , you would get >> 'IgBwAGEAcwBzAHcAbwByAGQAIgA=' >> >> Rowland > I appreciate that this is how to pass the plaintext password for > setting it, for storage by the Kerberos back end. If Samba is using > Kerberos in normal fashion, *nothing* ever sees the plain text > password again. A decent explanation lives at >...

...ying Samba stores plaintext passwords in the database? > >> No, that bit of bash turns a plain password into what you would store in > >> the users 'unicodePwd' attribute. > >> > >> For instance, if $PASSWORD == password , you would get > >> 'IgBwAGEAcwBzAHcAbwByAGQAIgA=' > >> > >> Rowland > > I appreciate that this is how to pass the plaintext password for > > setting it, for storage by the Kerberos back end. If Samba is using > > Kerberos in normal fashion, *nothing* ever sees the plain text > > password again. A dec...