Re: 'krbPrincipalKey' and 'sambaMungedDial'

To: debian-edu@lists.debian.org
Subject: Re: 'krbPrincipalKey' and 'sambaMungedDial'
From: Martin Schulte <schulte-martin@web.de>
Date: Tue, 26 Mar 2013 22:48:52 +0100
Message-id: <[🔎] 515217C4.2010004@web.de>
In-reply-to: <[🔎] 2fly5dbb3lw.fsf@diskless.uio.no>
References: <[🔎] 514C95D7.2080502@web.de> <[🔎] 20130322180127.GA10478@fuzi> <[🔎] 514F0B48.6010501@web.de> <[🔎] 2fly5dbb3lw.fsf@diskless.uio.no>

Hi,

here is the wiki article and the script:http://wiki.debian.org/DebianEdu/HowTo/RecoverPasswords



Best regards,


Martin




Am 25.03.2013 21:56, schrieb Petter Reinholdtsen:

[Martin Schulte]

thank you for your answer.
I found a way to get the passwords in cleartext from lenny ldap, thanks
to windows, the secures OS ever :-) and his LM-Hash. You can crack this
LM-hash using ophcrack (http://en.wikipedia.org/wiki/Ophcrack ), which
uses rainbow tables.

Interesting and scary.  Even in Debian Edu Squeeze, the user passwords
are stored in three places in the user LDAP object.  Once for Kerberos,
once for Samba and once for GOsa.  We should really try to get rid of
the last two.

If someone interested i can put the script into the wiki.

Sound like a nice thing to publish, yes.

Reply to:

References:
- 'krbPrincipalKey' and 'sambaMungedDial'
  - From: Martin Schulte <schulte-martin@web.de>
- Re: 'krbPrincipalKey' and 'sambaMungedDial'
  - From: "Andreas B. Mundt" <andi.mundt@web.de>
- Re: 'krbPrincipalKey' and 'sambaMungedDial'
  - From: Martin Schulte <schulte-martin@web.de>
- Re: 'krbPrincipalKey' and 'sambaMungedDial'
  - From: Petter Reinholdtsen <pere@hungry.com>

Prev by Date: debian-edu_1.704~svn79477_i386.changes ACCEPTED
Next by Date: Re: [debian-edu-commits] r79504 - in branches/wheezy/debian-edu: debian tasks
Previous by thread: Re: 'krbPrincipalKey' and 'sambaMungedDial'
Next by thread: Upload rights
Index(es):
- Date
- Thread