As I recall after windows 95 the passwords are sent over the line encrypted. The encryption might be weak but they are not clear text anymore.
There is a switch in SMB to allow encrypted passwords. This is ON by default in debian (I believe) -Ryan On Tue, 13 Jun 2000, Alexander Hvostov wrote: > Ronny and all, > > If you want to use LDAP, I suggest you do LDAP over SSL/TLS. The current > OpenLDAP doesn't support it natively, but I believe there's a patch, and > of course there's always wrappers like stunnel. > > Of course, if you want to use user authentication from Windows, using PAM > is more or less out of the question. LDAP, of course, is not, and neither > is SSL/TLS. > > By the way, Samba already is able to use LDAP for authentication, though > it's not too great, last I checked. Maybe you fellows could work on > it? > > Finally, if any of you have any knowledge of programming Windows drivers, > I suggest you write a replacement and/or hack for the "Client for > Microsoft Networks" driver, so that it can talk to Samba over SSL/TLS, > which would be a very nice thing to have. (I hate the idea of sending my > password in the clear over a SMB connection...) > > Regards, > > Alex. > > --- > PGP/GPG Fingerprint: > EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 > > -----BEGIN GEEK CODE BLOCK----- > Version: 3.12 > GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w > O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ > G e-- h++ r--- y > ------END GEEK CODE BLOCK------ > > On Tue, 13 Jun 2000, Ronny Adsetts wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > <snip> > > > One thing I am interested is, which ist AFAIK no > > > implemented yet: > > > Crossplattform userauthentication (win+unix), > > > via LDAP. > > > > This is a great idea. I am willing to help if pointed in the right > > direction. I guess using PAM and Samba together with LDAP might be a > > place to start. > > > > Have perl, shell (bash) and some c skills, but always willing to > > learn. > > > > Ronny Adsetts > > > > -----BEGIN PGP SIGNATURE----- > > Version: PGP 6.5.1i for non-commercial use <http://www.pgpi.com/> > > > > iQA/AwUBOUawvP4+LjEVAJSfEQJMUQCcDdBLxD1S7fkYhM9sniPedA1G3+cAoO57 > > hMtR+4P+qMsMXS5sNEc5Tyvq > > =jQaV > > -----END PGP SIGNATURE----- > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
