Bug 1057 - Mounting Using smbpasswd Passwords
Mounting Using smbpasswd Passwords
Product: Samba 3.0
Classification: Unclassified
Component: smbmount (unmaintained)
All Linux
: P4 normal
: none
Assigned To: Samba Bugzilla Account
Depends on:
  Show dependency treegraph
Reported: 2004-02-10 13:23 UTC by Eskandar Ensafi
Modified: 2005-11-14 09:31 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Eskandar Ensafi 2004-02-10 13:23:47 UTC
Is it possible to tell smbmount (or smbclient and all other Samba programs that 
require a password) to use the encrypted password stored in the smbpasswd 
file?  This would be a very useful feature, and it is more secure than using a 
credentials file with plain-text passwords.  It also simplifies system 
administration.  Since the passwords are already stored in encrypted form, and 
since Samba knows how to communicate with WinNT/2K/XP machines using encrypted 
passwords, it seems like such an obvious feature to be able to take the 
encrypted password from smbpasswd and send it to the remote WinNT/2K/XP 
machine.  This is very usefil in situations where Windows user names and 
passwords are the same as Samba (and UNIX) user names and passwords.

You should be able to set an option to smbmount as follows:

smbmount //host/share /path -o username=myself,smbpasswd

The above would tell smbmount to connect as user "myself" and to look up the 
password from the smbpasswd file defined in "smb.conf".  Something along these 
lines woudl be very useful.
Comment 1 Gerald (Jerry) Carter 2004-02-10 13:38:48 UTC
This feature is not supported and could actually be a 
security risk.  Thanks for the feedback but I think we'll 
have to pass on this for now.
Comment 2 Eskandar Ensafi 2004-02-10 14:23:25 UTC
I understand you concern about security, but just out of curiosity, how woudl 
my suggestion be any worse than storing plain-text passwords in a credentials 
file?  It seems to me that using encrypted smbpasswd passwords is more secure.  
Then again, I might be wrong.
Comment 3 Gerald (Jerry) Carter 2005-11-14 09:31:20 UTC
database cleanup