Web lists-archives.com

Re: [Samba] retrieve machine password in current Samba?




On Sat, 2017-08-26 at 01:02 +0000, James Zuelow via samba wrote:
> > -----Original Message-----
> > From: Jeremy Allison [mailto:jra@xxxxxxxxx]
> > Sent: Friday, August 25, 2017 3:48 PM
> 
> 
> > Looking at the code I think it's now returning the plaintext password, whereas
> > previously it only stored the password hash. You'll have to hash to make it
> > useful by wicd it seems (I'm guessing wicd expects the hash, not the plaintext).
> 
> OK.
> 
> I guess I had that backwards.  I thought that the new version (\EE\A9\8D\EF\AD\AC...) was giving me an encrypted (or hashed I guess) value, and the old version ( ]f2>lOR4NA~hbv ) was the plaintext password.
> 
> I'll see if I can't translate that over somehow.  

The recent secrets changes to store the krb5 hashes changed some things
to use a IDL defined NDR packed structure.  I've not checked the
details, but that might be what you are seeing. 

This is a very valid use case, we clearly do need a net sub-command to
just print it.

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba