Ubuntu Networking :: Encrypted Password In Samba Credentials File?
Apr 20, 2010
I remember that some time ago I found a guide on the Ubuntu website about adding samba shares to mount at boot via /etc/fstab. The guide also mentioned using a credentials file to store the username and password.
However, the password was encrypted (in md5 I think) and it could not be read directly, but it still worked with fstab mount. If I remember correctly, the file contents were similar to this:
Code:
useraname = user
password = --md5
where was replaced by the encoded password. All was done in terminal. Recently I changed computers, and re-installed Ubuntu, but I forgot to save that file so I am not sure about the contents. I would like to know how to do this again, but I can't find the guide anymore. Does anyone know how to do this? Storing the password in plain text in file readable only by root is not acceptable because it can be read by someone mounting the drive from other operating system, and the share cannot be mounted/unmounted by regular users (which is possible with the md5 encrypted password).
View 1 Replies
ADVERTISEMENT
Jul 17, 2010
I want to use samba for file sharing like on a Windows home network. Actually they are all Linux machines but nfs is too complicated. On my host machine I installed samba and system-config-samba. I created a new share for /home, check marked writable and visible and put access to everybody. For preferences-->server settings--> security the "authentication mode" is set to user, encrypt passwords is no, and guest account is no guest account. Under preferences-->samba users I added myself as a user with the same windows user name as my Linux user name and the same password.
My client is a virtualbox fedora (used for testing purposes but actual clients will be real computers on my home network). I entered the address smb://192.168.1.184. When asked for the user name and password I put my regular user name and password since that was what I set in samba users. However, the password dialog keeps coming up and won't let met into my own computer. If I quit it says something like access is denied. How can I get my home network back? I liked this feature when my home computers ran XP but I switched them to Fedora 12.
View 2 Replies
View Related
Feb 5, 2009
I want to read the user username and password available in a password file. I want the password to be stored in a user home directory and my perl script should read , whenever needed from that file. Am not a Perl programmer and I want to set this for admin related activities. In what syntax I need to write the password file and How to call them using the perl script.
View 3 Replies
View Related
May 21, 2010
So in an environment where I have 40+ sets of completely unique sets of logon credentials. The only way I've been able to manage this is by keeping them in a hidden and heavily encrypted text file in my home dir.Would like to hear alternatives to this approach if there are any, BTW. Right now I have a script that automates the process of un-encrypting the file, launching an editor and then clean-up with shred -u after editing and re-encrypting.
What bugs me is the interim where I have the file in an un-encrypted state on my drive. It doesn't seem necessary. I have a view script that allows me to see what's in the file without saving it to the drive.
View 2 Replies
View Related
Jul 27, 2011
I just upgraded from F14 to F15 and have a problem with entering the password for the encrypted FS: when booting with the latest entry in the bootloader:
Quote:
kernel /vmlinuz-2.6.38.6-26.rc1.fc15.i686.PAE ro root=/dev/mapper/vg_anonymous-lv_root rd_LUKS_UUID=luks-3ef72221-1165-46a6-ab69-3932e22e9d4f rd_LVM_LV=vg_anonymous/lv_root rd_LVM_LV=vg_anonymous/lv_swap rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=de
initrd /initramfs-2.6.38.6-26.rc1.fc15.i686.PAE.img
[Code]....
View 1 Replies
View Related
Jan 14, 2010
I would like to grep all values other than encrypted password from /etc/shadow fileFor example,each line consists of 8 fields separated with :/The only thing that I want not to print out is the contents between first : and second : (encrypted password)
View 7 Replies
View Related
Jul 14, 2011
there are some configuration files where linux require the password of application user, to do something.how can i to encrypt the password in these files? Or how can i to store that password in encrypted file and retrieve it in secure mode?
View 2 Replies
View Related
Sep 2, 2010
I'm using SAMBA as a file server on a Ubuntu Server 10.04 32-bit. I'm using a 10.6.4 Mac client and a Windows 7 client. I created shortcuts on the client machines to point to the shared folders with embedded credentials ("Remember password" is ticked), but the problem is that whenever the Windows user logs off, the credentials are forgotten and the user needs to re-enter them. This problem does not occur on the Mac client.
Code:
# Sample configuration file for the Samba suite for Debian GNU/Linux.
#
#
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
[code].....
View 6 Replies
View Related
May 2, 2011
I have installed a Samba Server (Ubuntu 10.10 Server) detailed config below. The server is up and running but clients running windows 7 cannot connect as their credentials are not accepted. The pop window for credentials keep coming back up on the clients and no connection is issued. I have tried to change the policies on windows 7 as such:
Network security: LAN Manager authentication level Send LM & NTLM responses
Minimum session security for NTLM SSP
Disable Require 128-bit encryption
But to no avail. I am in doubt as far as where the issue is coming from. Meaning is it coming from my Samba conf or something in Windows I am not doing right.
[global]
server string = %h server (Samba, Ubuntu)
interfaces = 192.168.178.0/24, eth0
bind interfaces only = Yes
[code]....
View 6 Replies
View Related
Oct 26, 2010
I just wanted to checkout samba. So, I installed on a CentOS 5.5 64bit server. The version I used is 3.5.6. I followed this guide. [URL]. LDAP is working good. When I use the following command: (net groupmap list) I am getting the error.
Code: [root@server1 samba]# net groupmap list
[2010/10/26 16:26:09.135901, 0] lib/smbldap.c:1151(smbldap_connect_system)
failed to bind to server ldap://127.0.0.1 / with dn="cn=root,dc=mtm,dc=testdomain,dc=com" Error: Invalid credentials
[2010/10/26 16:26:39.180063, 0] passdb/pdb_ldap.c:3448(ldapsam_setsamgrent)
ldapsam_setsamgrent: LDAP search failed: Time limit exceeded
[2010/10/26 16:26:39.180109, 0] passdb/pdb_ldap.c:3523(ldapsam_enum_group_mapping)
ldapsam_enum_group_mapping: Unable to open passdb I am sure that I have set the correct password in Code: smbpassword -w mypassword.
Also, I can login to the LDAP thourgh PHPLDAPAdmin with the same password and the bind cn.
Here is my smb.conf Code: # Global parameters
[global]
ldap ssl = off
nt acl support = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE
workgroup = TESTDOMAIN
netbios name = SERVER1
security = user
enable privileges = yes
#interfaces = 192.168.5.11
#username map = /etc/samba/smbusers
server string = Samba Server %v
#security = ads
encrypt passwords = Yes
#min passwd length = 3
#pam password change = no
#obey pam restrictions = No
# method 1:
#unix password sync = no
#ldap passwd sync = yes
# method 2:
unix password sync = yes
ldap passwd sync = no
passwd program = /usr/sbin/smbldap-passwd -u "%u"
passwd chat = "Changing *
New password*" %n
"*Retype new password*" %n
"
log level = 10
syslog = 0
log file = /var/log/samba/log.%U
max log size = 50
time server = Yes
#socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1
logon script = logon.bat
logon drive = H:
logon home =
logon path =
domain logons = Yes
domain master = Yes
os level = 65
preferred master = Yes
wins support = yes
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=root,dc=mtm,dc=testdomain,dc=c om
#ldap admin dn = cn=samba,ou=DSA,dc=company,dc=c om
ldap suffix = dc=mtm,dc=testdomain,dc=c om
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
#ldap idmap suffix = ou=Idmap
add user script = /usr/sbin/smbldap-useradd -m "%u"
#ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
# printers configuration
#printer admin = @"Print Operators"
load printers = Yes
create mask = 0640
directory mask = 0750
#force create mode = 0640
#force directory mode = 0750
#nt acl support = No
printing = cups
printcap name = cups
deadtime = 10
guest account = nobody
map to guest = Bad User
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
show add printer wizard = yes
; to maintain capital letters in shortcuts in any of the profile folders:
preserve case = yes
short preserve case = yes
case sensitive = no
[netlogon]
path = /home/netlogon/
browseable = No
read only = yes
[profiles]
path = /home/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles
#force user = %U
# next line allows administrator to access all profiles
#valid users = %U "Domain Admins"
[printers]
comment = Network Printers
#printer admin = @"Print Operators"
guest ok = yes
printable = yes
path = /home/spool/
browseable = No
read only = Yes
printable = Yes
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
# print command = /usr/bin/lpr -U%U@%M -P%p -r %s
# lpq command = /usr/bin/lpq -U%U@%M -P%p
# lprm command = /usr/bin/lprm -U%U@%M -P%p %j
# lppause command = /usr/sbin/lpc -U%U@%M hold %p %j
# lpresume command = /usr/sbin/lpc -U%U@%M release %p %j
# queuepause command = /usr/sbin/lpc -U%U@%M stop %p
# queueresume command = /usr/sbin/lpc -U%U@%M start %p
[print$]
path = /home/printers
guest ok = No
browseable = Yes
read only = Yes
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 0775
[public]
path = /tmp
guest ok = yes
browseable = Yes
writable = yes
View 2 Replies
View Related
Apr 23, 2010
Is it possible to have the passwd file for svnserve encrypted, rather than store the usernames/passwords in plain text?
View 3 Replies
View Related
Jul 28, 2010
I just tried to build my own samba/ldap server on opensuse 11.3 and i am continuously getting an invalid credentials error when doing the smbpasswd -a command. Below are my smb and ldap files.
smb.conf
# Primary Domain Controller smb.conf
# Global parameters
[global]
unix charset = utf8
workgroup = MERCDOMAIN
netbios name = mercserver
passdb backend =ldapsam:"ldap://mercserver.mercdomain.com"
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
#name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
logon script = logon.bat
logon path = \mercserverprofiles\%u
logon drive = H:
domain logons = Yes
domain master = Yes
wins support = Yes
# peformance optimization all users stored in ldap
ldapsam:trusted = yes
ldap suffix = dc=mercdomain,dc=com
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=People,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=mercserver,dc=com
ldap ssl = off
idmap backend = ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = root
printing = cups
# = Share Definitions =
[homes]
comment = Home Directories
valid users = %S
browseable = yes
writable = yes
create mask = 0600
directory mask = 0700
[sysvol]
path = /home/data/samba/sysvol
read only = no
[netlogon]
comment = Network Logon Service
path = /home/data/samba/sysvol/vavai.net/scripts
writeable = yes
browseable = yes
read only = no
[profiles]
path = /home/data/samba/profiles
writeable = yes
browseable = no
read only = no
create mode = 0777
directory mode = 0777
[Documents]
comment = share to test samba
path = /home/data/documents
writeable = yes
browseable = yes
read only = no
valid users = "@Domain Users"
slapd.conf
UW PICO 5.04 File: /etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba3.schema
modulepath /usr/lib/openldap/modules/
# moduleload back_bdb.la
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# Samba Primary Database mercdomain.com
database bdb
suffix "dc=mercdomain,dc=com"
directory /var/lib/ldap
rootdn "cn=Manager,dc=mercdomain,dc=com"
rootpw merc84
index entryCSN eq
index entryUUID eq
#access to attrs=userPassword,sambaLMPassword,sambaNTPassword
# by self write
# by dn="cn=Manager,dc=mercdomain,dc=com" write
# by * auth
#access to *
# by dn="cn=Manager,dc=mercdomain,dc=com" write
# by * read
# Indices to maintain
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUID eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
ldap.conf
UW PICO 5.04 File: ldap.conf # LDAP Master
host mercserver.mercdomain.com
base dc=mercdomain,dc=com
binddn cn=Manager,dc=mercdomain,dc=com
bindpw merc84
bind_policy soft
pam_password exop
nss_base_passwd ou=People,ou=Users,dc=mercdomain,dc=com?one
nss_base_shadow ou=People,ou=Users,dc=mercdomain,dc=com?one
nss_base_passwd ou=Computers,ou=Users,dc=mercdomain,dc=com?one
nss_base_shadow ou=Computers,ou=Users,dc=mercdomain,dc=com?one
nss_base_group ou=Groups,dc=mercdomain,dc=com?one
ssl no
View 1 Replies
View Related
Oct 18, 2010
I run:
Linux 2.6.27.48-0.3-pae i686
openSUSE 11.1
KDE 3.5.10
When I attempt to determine who's in the samba database or enter a new member in the file I get the following: No builtin nor plugin backend for tbdsam found PANIC (pid 8201): pdb_get_methods_reload: failed to get pdb methods for backend tbdsam
[Code]....
I attempted to upgrade from the software.opensuse.org website with samba-3.60-10.1.i586.rpm. I get a message: Nothing provides cifs-utils needed by samba-client-3.60-10.1.i586.rpm. So I could not upgrade. There are other upgrades on the site but they are not available for some reason. What is an appropriate upgrade? Is upgrading the solution? If not then what?
View 3 Replies
View Related
Apr 5, 2011
I need to see who all the Samba users are. Some other distros keep that in /etc/samba/smbpassword file but I don't have that file here.
Using Slackware 13.1 (64)
View 8 Replies
View Related
Jan 5, 2010
I've just started using ubuntu one. However, some of the files I store on there are sensitive so I encrypt them using seahorse. Right click, encrypt etc etc. My question is, is there a way to automatically get the encrypt process to delete the un-encrypted file when it makes the new encrypted copy?
View 6 Replies
View Related
Oct 17, 2010
I have a ubuntu pc that has an attached printer that I want everyone on the net work to have access to to print. I have added the samba printer but it keeps asking for a darn password every time I print something and it is driving me nuts.
Smb.conf
Code:
[global]
## Browsing/Identification ###
# Change this to the workgroup/NT-domain name your Samba server will part of
workgroup = mshome
[code]....
View 4 Replies
View Related
Sep 21, 2010
I've got a problem whereby I am running NIS with Samba exporting a local filesystem to a number of Windows Clients who mount the filesystem as a network drive.However, I want the Samba password to synchronise with the NIS password database, I have spent many hours trawling Google results but can't seem to find an answer that I can understand.My Environment.
Server: RedHat Enterprise Linux Server 5.3
NIS Version: 2.19
SMB Version: 3.0.33-3.14.el5
Clients: Windows XP and RedHat Enterprise Linux Client 5.3Shadow Passwords are enabled.NIS Master and SMB Filesystem are on the same system.If anyone wants me to provide config files if you let me know which ones you want to see and Ill get them posted
View 3 Replies
View Related
May 5, 2010
I'm currently running two computers running Karmic (one was upgraded from Jaunty), and both are running Samba servers. Before I upgraded from Jaunty, I was running Linpopup for a simple Winpopup program to just send and receive Winpopup messages. Afterwards, it was removed due to a lack of support, so I installed it manually, finding all the required packages on the Ubuntu Package List site.
My current problem is that running Code: smbclient -M [network-name] asks for a password before it will let me enter my message, which means that I have to add my password on the first line of my message in Linpopup. My question is, why do I have to enter a password just to send a Winpopup message between computers and how do I disable this? None of the documentation I've found so far indicates anything about fixing it, let alone that the problem exists.
View 1 Replies
View Related
Jun 15, 2010
Prior to Karmic I had samba working well. Karmic upgrade broke samba with an endless password loop when trying to connect to a samba server. I have not been able to get it working since, including after upgrade to Lucid. I've now encountered a similar problem attempting to login into an SSH server. Laptop to desktop, (Karmic to Lucid),ssh ok, reverse no joy. (sshd running on both).
View 1 Replies
View Related
Jul 23, 2010
I'm using Ubuntu 9.10 and trying to install a printer over the network which is plugged into a Windows 7 machine. I can see the workgroup fine and the computer fine on the network, but when I try to double-click on the computer (both via the nautilus and the printer setup route), it asks me for a username, workgroup and password.
I tried the account's username and password and username "Guest" with no password but neither worked. The weird thing is that when I booted my machine into Windows XP and tried to install the same printer, it never asked me for a username and password and installed just fine. Why is Samba/Ubuntu asking me for the Windows 7 password when Windows XP didn't need it?
View 5 Replies
View Related
Jul 17, 2010
Linux 2.6.34-12-desktop x86_64smbd: 3.5.4-4.1-2382-SUSE-SL11.3I updated from v11.2. to v11.3.However, the SMB services were no longer mounted. The reason is that the "credentials" (or "cred") option in </etc/fstab> is ignored. If I remove "credentials" and add "username=xxx,password=yyy", the services are mounted.Has "credentials" been changed in some way? Has it been renamed?
View 9 Replies
View Related
Mar 30, 2010
I set up a samba file sharing system but my workgroup asks for a username and password see this-This is the text in /etc/samba/smb.conf:
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
[code]...
View 9 Replies
View Related
May 31, 2010
I have created a shared folder via nautilus. I can not access it, because it asks me for user name and password again and again. I'm sure both username and password are exactly right. But I can not access the folder. Only when I check "Allow guest user access" it will allow me to access my data, Which is not secure enough for me.
View 6 Replies
View Related
Sep 30, 2010
I'm on Debian Lenny. I've shared a folder on gnome GUI, then went to win 7. I see my machine, SERVDEB01. When I click on it, I get the login popup. The workgroup set in samba is FILE-SHARING, so I login with the following: FILE-SHARINGmyuser password and that's when I get the unknown username or bad password thing.
I had a look to /etc/samba/smb/conf security = user is uncommented the shared folder appears at the end of the config file In despair, I've also created an identical user on win 7 and the linux box. I've been into the security Local Policies of windows 7 set NTLM to LM and NTLM (instead of NTLMv2) Here's my smb.conf in case it's needed.
[Code]....
View 4 Replies
View Related
Oct 1, 2010
I have a Samba installed and configured on a Ubuntu Server 10.04 box, as a file server, not as an PDC. And I have several Windows 7 machines accessing the Ubuntu Server to store files.
I would like to let users to change their passwords from windows.
View 2 Replies
View Related
Aug 21, 2010
I have an old laptop trying to mount a share with samba on a server.
Laptop and server both running ubuntu 9.04.
When I try to mount a share on the server
I get a password prompt, and no server passwords work.
This is a guest share, and my two windows laptops mount it no problem with no password.
Here's the relevant part of the smb.conf:
Laptop and server are on the same workgroup.
View 4 Replies
View Related
Apr 2, 2010
I'm trying to do the normal setup of sharing some dir's on my linux machine using samba, to allow a windows laptop to access them.
I've managed to get the printer shared and this is allowing to send print jobs, which come out beautifully! however the actual file shares still aren't accessible
Depending on my settings, if I have security = user then when I access from the windows machine I get a username and password box - I dont want this functionality, I want the system to access right away as it would between two windows shares.
If i change security = share then it simply lists the shares, but tells me they are all inaccessible.
I've googled and searched here, tried various different things but I just can't see why/where its asking me for the username/password combo.
Code:
From /var/log/samba/smbd :
Code:
View 5 Replies
View Related
Nov 12, 2009
I have just started a job as an IT tech, and have inherited a linux server running CEntOS 5.3 -- I have some experiance with linux, but am a little at sea. I'm using Webmin 1.490.The main use of the server is to samba share file space to windows clients, running XP.Everyone can happily connect to their home share, however the other shares have problems. One of the shares "staff" fails intermittently (to some staff members) and some of the other shares fail always.
The failure is that when a user tries to connect to the share, it pops up a username and password dialog (even if they just successfully viewed their home dir) then on entering correct details and clicking ok, the box refreshes with <domain><user name> (where braced values are replaced by literal values). If a user is connecting from outside via vpn (hosted though a different department's server) the domain is replaced by their computer name.If the password is re-entered, the same happens, in an infinite loop, and no access is ever given.When I say the staff share is intermittent, there likely is some pattern, but I haven't been able to work it out yet -- I think it may have something to do with how recently the account was set up, or physical location.
View 3 Replies
View Related
Nov 8, 2010
I have a .rar in my Downloads, I want to unrar this file to my Music folder, but the .rar is encrypted and requires a password.
I've tried a few commands like this:
Code:
But it tells me no files to unrar.
View 3 Replies
View Related
Aug 9, 2011
I'm trying to work on the SmashTheStack wargame on Ubuntu, and I'm stuck at level 1 with using John the Ripper (JTR). I got the encrypted password and was able to run JTR on it using
Code:
but the output is
Code:
I'm pretty sure that the 'trying:' part is supposed to be the attempted passwords, but this one doesn't work, and this is the only one that gets output. When I run
Code:
I get
Code:
Which I'm guessing means that nothing happened.. what am I doing wrong, and how can I get it to work?
View 1 Replies
View Related
