[Bug 609092] Re: libpam-smbpass syncs unix passwords when "unix password sync" is off
Anders Aagaard
aagaande at gmail.com
Wed Jul 28 09:41:55 BST 2010
Yes, it's installed when you install samba, I should have specified I
meant "by default when installing samba", sorry about that.
I've looked around for a good while now trying to find out what hashes and encryption samba uses on it's files. I assumed it would have to use whatever hash the protocol uses, and it looks like I guessed right. Looking around for specifications on whats stored in the password database I find this in samba's documentation:
"user account information such as username, LM/NT password hashes, password change times, and account flags"
So that's LanMan and MD4 hash'es. LanMan is known for being easy to
crack (see http://en.wikipedia.org/wiki/LM_hash ).
My /etc/secrets are hashed to sha512 because it's too easy to break md5.
I REALLY don't want my password automatically put in more databases by
default in any package.
--
libpam-smbpass syncs unix passwords when "unix password sync" is off
https://bugs.launchpad.net/bugs/609092
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
More information about the Ubuntu-server-bugs
mailing list