> > A. Wik enscribed thusly:
> > > "Michael H. Warfield" <mhw@wittsend.com> wrote:
> > > > > (if you call share passwords security at all), they passwords are not
> > > > encrypted,
> > > Neither are telnet and FTP passwords. Besides, unless public-key
> > I use neither... I use SSH and do not allow unencrypted access
> > to interactive connections.
> SSH is great, but unfortunately, not always installed.
> > > cryptography is used, passwords have to be stored in plain-text (or
> > > another sensitive format) on disk if they are to be encrypted on the
> > > network.
> > Not true at all...
> > challenge response system for the client to prove that it knows the hashes
> > without revealing them. In theory, if you broke into the server and stole
> > the hashes, you could create a fake client who could then fake out the
> > server, but you already own the server from having broken into it. You do
> > not have to store passwords in clear, or in any reversible format anywhere.
> No, but the hash file is still more sensitive than a shadow file.
It really would be nice if you knew what you were talking about.
The shadow password file also stores one-way hashes. The smbpassword file
(assuming that's what you are talking about) can be just as secure as the
shadow file (readable only to root), so how is it "more sensitive"?
> SMB password encryption in it's current form just doesn't seem (to me)
> worth the trouble of keeping a separate password database, incompatible
> with anything else.
And your choice is? All you have are hashes. You can not reverse
the hashing. If you don't have the NTLM hashes, you can not generate them
from the one-way hashes in the shadow file or anywhere else. And without
them you are not going to be able to authenticate against the NTLM challenge
response system. They don't give you a password to validate. You have to
have the NTLM hashes that the client is going to regenerate as part of the
challenge response protocol. That protocol could still use some hardening
even in NTLM SSP v2, but the hashes themselves are pretty tough nuts to
crack. Just as tough as the MD5 hashes in the shadow file (if you bothered
to enable MD5 hashes - if you didn't, well, what can I say).
Mike
-- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/