RE: How can I help ?
As I recall after windows 95 the passwords are sent over the line
encrypted. The encryption might be weak but they are not clear text
anymore.
There is a switch in SMB to allow encrypted passwords. This is ON by
default in debian (I believe)
-Ryan
On Tue, 13 Jun 2000, Alexander Hvostov wrote:
> Ronny and all,
>
> If you want to use LDAP, I suggest you do LDAP over SSL/TLS. The current
> OpenLDAP doesn't support it natively, but I believe there's a patch, and
> of course there's always wrappers like stunnel.
>
> Of course, if you want to use user authentication from Windows, using PAM
> is more or less out of the question. LDAP, of course, is not, and neither
> is SSL/TLS.
>
> By the way, Samba already is able to use LDAP for authentication, though
> it's not too great, last I checked. Maybe you fellows could work on
> it?
>
> Finally, if any of you have any knowledge of programming Windows drivers,
> I suggest you write a replacement and/or hack for the "Client for
> Microsoft Networks" driver, so that it can talk to Samba over SSL/TLS,
> which would be a very nice thing to have. (I hate the idea of sending my
> password in the clear over a SMB connection...)
>
> Regards,
>
> Alex.
>
> ---
> PGP/GPG Fingerprint:
> EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
>
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.12
> GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w
> O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
> G e-- h++ r--- y
> ------END GEEK CODE BLOCK------
>
> On Tue, 13 Jun 2000, Ronny Adsetts wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > <snip>
> > > One thing I am interested is, which ist AFAIK no
> > > implemented yet:
> > > Crossplattform userauthentication (win+unix),
> > > via LDAP.
> >
> > This is a great idea. I am willing to help if pointed in the right
> > direction. I guess using PAM and Samba together with LDAP might be a
> > place to start.
> >
> > Have perl, shell (bash) and some c skills, but always willing to
> > learn.
> >
> > Ronny Adsetts
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP 6.5.1i for non-commercial use <http://www.pgpi.com/>
> >
> > iQA/AwUBOUawvP4+LjEVAJSfEQJMUQCcDdBLxD1S7fkYhM9sniPedA1G3+cAoO57
> > hMtR+4P+qMsMXS5sNEc5Tyvq
> > =jQaV
> > -----END PGP SIGNATURE-----
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: