Password encrypted?

Asked by A. Denton

When I established a connection from my Xubuntu Host to the Ubuntu 8.04 Server (same LAN) I ran Wireshark to figure out wheter pyNeighborhood sends passwords encrypted or in plain text to authentify and mount a share via CIFS.

The result was that I didn't see my plain password within one of the packets but some strange looking ANSI and UNIX strings (30-40 characters, numbers and uppercase letters). I'd like to know wheter this is some kind of encryption or if there's still a reason to worry when using pyNeighborhood in an untrusty LAN.

Thanks in advance!

- Aquina

Question information

Language:
English Edit question
Status:
Solved
For:
pyneighborhood Edit question
Assignee:
No assignee Edit question
Solved by:
Patrick Geltinger
Solved:
Last query:
Last reply:
Revision history for this message
Betz Stefan (encbladexp) said :
#1

pyNeighborhood only uses the CIFS oder SMBFS Subsystem of the Linux Kernel. So if these encrypt anything, pyNeighborhood does this too!

Greetings
Betz Stefan

Revision history for this message
Betz Stefan (encbladexp) said :
#2

Solved...

Revision history for this message
A. Denton (aquina) said :
#3

How should the kernel encypt something? I never set up keys or certificates. Even if I had I wouldn't be sure whether the kernel really has those abilities you described. Further artivles like [L1] make me worry even more because they lead me to the asumption the Samba subsystem is responsible for secure authentication. Let me clarify again, that I do not requre disk encryption or encrypted data transfers. I need to prevent users from spying my Samba login password though!

[L1] http://www.linuxjournal.com/article/2717

Revision history for this message
A. Denton (aquina) said :
#4

How should the kernel encypt something? I never set up keys or certificates. Even if I had I wouldn't be sure whether the kernel really has those abilities you described. Further artivles like [L1] make me worry even more because they lead me to the asumption the Samba subsystem is responsible for secure authentication. Let me clarify again, that I do not requre disk encryption or encrypted data transfers. I need to prevent users from spying my Samba login password though!

[L1] http://www.linuxjournal.com/article/2717

Revision history for this message
Betz Stefan (encbladexp) said :
#5

pyNeighborhood uses many Samba Tools. If your smb.conf has "encrypted passwords" enabled, pyNeighborhood will encrypt your Passwords! (Not directly, but smbmount and mount.cifs will do so).

Take a look at "man smb.conf" for this.

Greetings
Betz Stefan

Revision history for this message
Best Patrick Geltinger (patlkli) said :
#6

Once again, pyNeighborhood is a graphical frontend for mounting Samba shares via cifs/smbfs. If your Samba server supports encrypted passwords, your password will be transferred encrypted. But this encryption is not made by us, but by cifs/smbfs. We just use them, so if you want to know how the passwords are encrypted, ask the developers there, or read the article you've linked again. It explains all the encryption processes.

Revision history for this message
A. Denton (aquina) said :
#7

Thanks Patrick Geltinger, that solved my question.