Samba's Encrypted Password Support
By default, Samba uses plaintext passwords to authenticate clients who access network resources. Samba also supports the use of LanManager- and NT-encrypted password authentication. Using encrypted passwords with Samba has its advantages and disadvantages. On the positive side, encrypted passwords mean that plaintext passwords cannot be “sniffed” off the network when users log in to a Samba share. This is particularly important when users connect to a Samba server across a public wide-area network, like the Internet. Furthermore, the latest service packs for Windows 95 and Windows NT do not allow plaintext authentication to be used when connecting to an SMB server. When using the latest version of Windows, either Samba must be configured to use encrypted passwords, or the registry must be edited to enable plaintext passwords.
On the negative side, using encrypted passwords requires some extra administrative work. The SMB-encrypted-password algorithm is incompatible with the standard UNIX encryption method. As a result, a second password file containing the LanManager- and NT-password hashes for each user, must be created. If someone makes use of other services on the server, a technique to keep both password files synchronized will have to be used.
As of Samba version 1.9.18, the best reason to not use encrypted-password authentication has been eliminated. Previous versions of Samba made use of a Data Encryption Standard (DES) library to compute LanManager password hashes. Because it was linked against a DES library, a compiled version of Samba would be illegal to export from the United States. Strong encryption, like DES, is still considered a munition by U.S. law. To make it easier for stateside mirrors of the Samba FTP archive to distribute Samba, precompiled Samba binaries usually did not contain support for encrypted passwords. Beginning with version 1.9.18, Samba uses a crippled version of DES that is still suitable for calculating LanManager hashes, but is legal to export from the United States.
Since the latest service packs to Windows NT and Windows 95 disable the ability to connect to shares, setting Samba to process encrypted passwords has become even more desirable. While it is possible to edit the registries on all of your machines to re-enable the use of plaintext passwords, it is probably easier to configure Samba to use encrypted passwords.
There are two styles of SMB-encrypted-password authentication: LanManager and Windows NT. Both techniques use a file which contains hashed values of a user's password, not plaintext passwords, just as the standard UNIX authentication method does. However, each uses its own technique to generate this hash.
LanManager-style hashes are generated using this algorithm:
Convert the password entered by a user to all capitals.
Either truncate the resulting password to 14 characters if it is longer, or pad the password with null bytes if it is shorter than 14 characters.
Use this 14-byte value as two 56-bit DES keys to encrypt a secret 8-byte value twice, creating a 16-byte value. This value is the hashed password which is stored in the password file. This secret value is a string consisting of the characters KGS!@#$%.
Unfortunately, this algorithm has a serious weakness. First, the password is converted to all uppercase before it is hashed. This reduces the number of possible characters in the password from 95 to 69. However, since most punctuation characters are also denied, the number of possible characters is closer to 40. This reduces the actual size of the keyspace from 9514 to about 4014. Further, each half of the password is encrypted independently. This means that either half of the password can be recovered without recovering the other half. A better approach would have been to “chain” the two encryptions together by feeding the output of the first encryption into the second encryption. This technique is called cipher block chaining. The entire 16-byte hashed password has a possible keyspace of 2128, or 3.4 x 1038. Not using cipher block chaining reduces the number of possible hashed passwords from this value to 2(407) or 3.2 x 1011.
As a result, it is possible to use brute force to crack the LanManager passwords in a reasonably short period of time. L0phtcrack, from L0pht Heavy Industries (http://www.l0pht.com/), has been demonstrated to exhaust the keyspace in 62 hours on a quad Pentium Pro 200 SMP box. Since even paranoid users rarely change their passwords more frequently than every few weeks, systems are vulnerable to system crackers with more conventional hardware at their disposal.
In contrast, the Windows NT hashing algorithm is much stronger. The NT hashing algorithm consists of computing a 128-bit MD4 hash of a Unicode version of the user's password. Since the password is not truncated and makes the entire Unicode character set available for use, this technique makes use of the entire 128-bit keyspace. Unfortunately, for the sake of backwards compatibility, nearly all SMB servers allow access using either hashing technique. This means that an SMB server, like Samba, must store both hashes in its password database. As a result, at least for the immediate future, it doesn't matter that the NT algorithm is stronger.
|Speed Up Your Web Site with Varnish||Jun 19, 2013|
|Non-Linux FOSS: libnotify, OS X Style||Jun 18, 2013|
|Containers—Not Virtual Machines—Are the Future Cloud||Jun 17, 2013|
|Lock-Free Multi-Producer Multi-Consumer Queue on Ring Buffer||Jun 12, 2013|
|Weechat, Irssi's Little Brother||Jun 11, 2013|
|One Tail Just Isn't Enough||Jun 07, 2013|
- Speed Up Your Web Site with Varnish
- Containers—Not Virtual Machines—Are the Future Cloud
- Linux Systems Administrator
- Lock-Free Multi-Producer Multi-Consumer Queue on Ring Buffer
- Senior Perl Developer
- Technical Support Rep
- Non-Linux FOSS: libnotify, OS X Style
- UX Designer
- RSS Feeds
- It is quiet helping
1 hour 10 min ago
1 hour 27 min ago
- Reachli - Amplifying your
2 hours 43 min ago
3 hours 32 min ago
- good point!
3 hours 35 min ago
- Varnish works!
3 hours 44 min ago
- Reply to comment | Linux Journal
4 hours 14 min ago
- Reply to comment | Linux Journal
6 hours 40 min ago
- Reply to comment | Linux Journal
10 hours 39 min ago
- Yeah, user namespaces are
11 hours 56 min ago
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?