On Fri, 2005-12-23 at 09:54 +0100, Felix Brack wrote:
> It's true (partially) that the administrator has access to all secrets
> stored on the server. However the administrator does not _know_ a user's
> password or samba password. He can of course change those passwords.
> This however would be noticed by the user whose password has been
> changed and data encrypted with the user's former password would still
> not decrypt (with the new password) to some meaningful data, right?
>
> If this is correct my requirements would be fulfilled.
>
> I do not know at all how things are running within samba but fact is,
> that any user authenticates himself when connecting to a server share
> from his client. Wouldn't this be the method to tell a VFS module to
> do encryption/decryption with the user's password? As I already
> stated, I am aware that things are not that simple but the principle
> should remain.
The Samba server is never given the plaintext password. As such, it
cannot decrypt anything with it. (This is because it uses a
challenge-response authentication system. This means the server must
hold the password-equivalent value.)

> My PDC is set up to present the user a network drive H: that holds his
> home directory; this is great and very simple to configure with samba.
> Why not present the user, say network drive Q:, showing the decrypted
> contents of a file stored on the server that is encrypted with the
> user's password? The user wouldn't 'see' any difference between
> accessing files on H: or Q:. This would provide a truly transparent
> access to encrypted data.

This would be great, if there were a secure, out of band way to push the
password to the server. (This could be achieved by a local 'server'
which interacts with the user's session to get the password, and then
accesses the real server.)

Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net