search for: unsalt

On 29/07/2023 16:47, Reese Wang via samba wrote: > Thanks. I'm wondering if I can avoid storing NT-hash (that unsalted > MD4) of user passwords, and still be able to join a Windows Server > 2022 server to the domain, and authenticate users with samba. > > Maybe I should read some documentation and open another thread. > I take it that by '2022 server', you mean a member server rather tha...

...ult" %salted% = "12345678.slt" (8 cijfers/letters) folders - Cache - Mail - ImapMail files - prefs.js - abook.mab - bookmarks.html ================================ Methode for making standard salted path ================================ rename"12345678.slt" to "unsalted.slt" Start mozilla Remove profiel "default" New profiel "default" Regiosettings "NL" This wil be linked to the slt-folder, but ONLY if exact 8 karakters. But cache still pointing to the old location ( salted ) ================================ Methode or makin...

Hello, I have a few questions on password schemes. Is SHA512 the most secure? Is there a difference between SHA512 and SHA512-CRYPT? What about SSHA512 and SSH512-CRYPT? Is there a problem with this sql statement: UPDATE virtual_users SET password=CONCAT(?{SHA256-CRYPT}?, ENCRYPT (?Password Goes Here?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) WHERE user=?user at example.com?; I'm

Thanks. I'm wondering if I can avoid storing NT-hash (that unsalted MD4) of user passwords, and still be able to join a Windows Server 2022 server to the domain, and authenticate users with samba. Maybe I should read some documentation and open another thread.

...512. It's easy for me to change that scheme to something else if I want to, but the important fact is that I already have some users with passwords in salted SHA-512. The other population of users is purely virtual, and their password hashes are stored in a MySQL database in SHA-1 format (unsalted, but moving to salted wouldn't be a big deal). The database also has a column identifying the hash scheme, so SHA-1 isn't some assumption. I know that I have have multiple passdb in my dovecot config, but I'm looking to unify my two user populations and put them all in the MySQL...

Hello. I'm switching from b1gmail to my own setup which consists of Postfix+Dovecot+MySQL (and maybe VBoxAdm). There are two problems: - b1gmail is using unsalted MD5 hashes. Is there any good way to make my new setup backward compatible? So I don't have to force all of my 50k users to change their password. - How do I change my setup to salted SHA256 (or an even better algorithm). And how do I make the hashes compatible between Postfix, Dovecot, MySQL...

...ing email address. >> >> Thanks. >> Dave. > > SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash. > PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but > SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted > hash. > > If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like > "$6$rounds=4000$s9Zc4OA11IuLt/iV$". > > Aki >

The idea of salted hash algorithms is to generate a different hash even if the same text is entered. That can be easily seen with dovecotpw: using NON-salted SHA256, same hash is generated for a given password [root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM= [root at correio ~]# dovecotpw -s SHA256 -p 123

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...tting an error 1064 at the ending email address. > > Thanks. > Dave. SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash. PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted hash. If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like "$6$rounds=4000$s9Zc4OA11IuLt/iV$". Aki

...t; >> Thanks. > >> Dave. > > > > SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash. > > PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but > > SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted > > hash. > > > > If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like > > "$6$rounds=4000$s9Zc4OA11IuLt/iV$". > > > > Aki > >

On 29/07/2023 15:26, Reese Wang via samba wrote: > I see "Samba HOWTO Collection" mentioned twice in man smb.conf. Where > can I find the newest version of it? Is it still relevant? > > I'm asking because I didn't find the "User Database" chapter, which is > mentioned in man smb.conf, in the "Samba HOWTO Collection" I found > with Google.

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...

...ed directly from ? a systemd service file or init script. * The syntax for the ctdb.tunables configuration file has been ? relaxed.? However, trailing garbage after the value, including ? comments, is no longer permitted.? Please see ctdb-tunables(7) for ? more details. Operation without the (unsalted) NT password hash ------------------------------------------------- When Samba is configured with 'nt hash store = never' then Samba will no longer store the (unsalted) NT password hash for users in Active Directory.? (Trust accounts, like computers, domain controllers and inter-domain t...