Thanks for the replies. I was hoping. HAPPY HANUKA! -----Original Message----- From: Shachar Shemesh [mailto:shac...@shemesh.biz] Sent: Thursday, December 18, 2008 8:15 AM To: Dotan Shavit Cc: Josh Roden; linux-il@cs.huji.ac.il Subject: Re: Samba: convert shadow to smbpasswd.
Dotan Shavit wrote: > > > Please note that passwords are not transferred automatically from /etc/passwd > to the new /etc/samba/smbpasswd file. After running mksmbpasswd all accounts > are disabled so the system administrator must run smbpasswd for each account > that needs to be enable. > > I'll expand on that. The passwords on both Linux/Unix and on Windows are stored "encrypted". The reason I am using the quotes is that the technical term is not really encryption (a reversible operation given the right key), but rather cryptographic hashing, or one way function. Given a password, it is easy to calculate its hash (and thus, find out whether it is the same password as was given the last time), but given just the hash it is not possible to figure out the actual password. Now here's the catch - /etc/shadow and smb use a different hash function for storing passwords. In other words, the same password entered as both a Unix password and a Samba password will end up generating different hashed values. What Josh was asking for is, therefor, impossible. Writing such a tool would entail reversing the Unix password hash, which is something we would like to think is not possible. Shachar ================================================================To unsubscribe, send mail to linux-il-requ...@cs.huji.ac.il with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail linux-il-requ...@cs.huji.ac.il
