Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

help samba

"Brian J. Conway" wrote:
> I know this is a bit late, but rather than using plain-text passwords,
> wouldn't it be better to set up samba to use what little encryption is
> included in Win9x/NT?
> -b
> > I know when I set up new PC's on our network, I always forget to install plain-passwords on the win machines at first, but that always does the trick.

Setting up Samba to use encrypted passwords will indeed improve network
security, but it's a pain to administer. You have to maintain a separate
smbpasswd file (for the Windows connections), as well as the usual Unix
passwords. The reason is that the Windows encryption is not the same as
Unix encryption, and you can't get back from one to the other - only
from clear text to either one. Some administrators ease the burden by
installing a replacement program for passwd(1) that changes both Unix
and Samba passwords.

On the other hand, setting up the Windows machines to use non-encrypted
passwords is also a pain if you have a lot of them, because you have to
touch every 98/NT4/2000 system individually.

Depending on the goals and exposure of your network (for example, if
it's a small LAN with no internet connection, or behind a
well-configured firewall), using non-encrypted passwords may be

If you do plan to use encrypted passwords, make sure you have at least
Samba 2.0.6 - earlier versions don't work reliably - and if you have any
Win2K systems, 2.0.7 is necessary.
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at (Subject line is ignored).

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /