From f9e6081383cfc8d4319afa4103dbe5abcaafa708 Mon Sep 17 00:00:00 2001 From: vorlon Date: Fri, 4 Jul 2008 09:23:34 +0000 Subject: Load samba-3.2.0 into branches/samba/upstream-3.2. git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream-3.2@1981 fc4039ab-9d04-0410-8cac-899223bdd6b0 --- docs/htmldocs/Samba3-Developers-Guide/pwencrypt.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs/htmldocs/Samba3-Developers-Guide/pwencrypt.html') diff --git a/docs/htmldocs/Samba3-Developers-Guide/pwencrypt.html b/docs/htmldocs/Samba3-Developers-Guide/pwencrypt.html index 580421c25e..4552f36961 100644 --- a/docs/htmldocs/Samba3-Developers-Guide/pwencrypt.html +++ b/docs/htmldocs/Samba3-Developers-Guide/pwencrypt.html @@ -1,12 +1,12 @@ Chapter 13. LanMan and NT Password Encryption

Chapter 13. LanMan and NT Password Encryption

Jeremy Allison

Samba Team

19 Apr 1999

Introduction

With the development of LanManager and Windows NT +

19 Apr 1999

Table of Contents

Introduction
How does it work?
The smbpasswd file

Introduction

With the development of LanManager and Windows NT compatible password encryption for Samba, it is now able to validate user connections in exactly the same way as a LanManager or Windows NT server.

This document describes how the SMB password encryption algorithm works and what issues there are in choosing whether you want to use it. You should read it carefully, especially - the part about security and the "PROS and CONS" section.

How does it work?

LanManager encryption is somewhat similar to UNIX + the part about security and the "PROS and CONS" section.

How does it work?

LanManager encryption is somewhat similar to UNIX password encryption. The server uses a file containing a hashed value of a user's password. This is created by taking the user's plaintext password, capitalising it, and either @@ -43,7 +43,7 @@ know the correct password and is denied access.

Note that the Samba server never knows or stores the cleartext of the user's password - just the 16 byte hashed values derived from it. Also note that the cleartext password or 16 byte hashed values - are never transmitted over the network - thus increasing security.

The smbpasswd file

In order for Samba to participate in the above protocol + are never transmitted over the network - thus increasing security.

The smbpasswd file

In order for Samba to participate in the above protocol it must be able to look up the 16 byte hashed values given a user name. Unfortunately, as the UNIX password value is also a one way hash function (ie. it is impossible to retrieve the cleartext of the user's -- cgit v1.2.3