source: branches/samba-3.3.x/docs/manpages/smbpasswd.5@ 368

'\" t
.\"     Title: smbpasswd
.\"    Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
.\"      Date: 01/14/2010
.\"    Manual: File Formats and Conventions
.\"    Source: Samba 3.3
.\"  Language: English
.\"
.TH "SMBPASSWD" "5" "01/14/2010" "Samba 3\&.3" "File Formats and Conventions"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
smbpasswd \- The Samba encrypted password file
.SH "SYNOPSIS"
.PP
smbpasswd
.SH "DESCRIPTION"
.PP
This tool is part of the
\fBsamba\fR(7)
suite\&.
.PP
smbpasswd is the Samba encrypted password file\&. It contains the username, Unix user id and the SMB hashed passwords of the user, as well as account flag information and the time the password was last changed\&. This file format has been evolving with Samba and has had several different formats in the past\&.
.SH "FILE FORMAT"
.PP
The format of the smbpasswd file used by Samba 2\&.2 is very similar to the familiar Unix
passwd(5)
file\&. It is an ASCII file containing one line for each user\&. Each field ithin each line is separated from the next by a colon\&. Any entry beginning with \'#\' is ignored\&. The smbpasswd file contains the following information for each user:
.PP
name
.RS 4
This is the user name\&. It must be a name that already exists in the standard UNIX passwd file\&.
.RE
.PP
uid
.RS 4
This is the UNIX uid\&. It must match the uid field for the same user entry in the standard UNIX passwd file\&. If this does not match then Samba will refuse to recognize this smbpasswd file entry as being valid for a user\&.
.RE
.PP
Lanman Password Hash
.RS 4
This is the LANMAN hash of the user\'s password, encoded as 32 hex digits\&. The LANMAN hash is created by DES encrypting a well known string with the user\'s password as the DES key\&. This is the same password used by Windows 95/98 machines\&. Note that this password hash is regarded as weak as it is vulnerable to dictionary attacks and if two users choose the same password this entry will be identical (i\&.e\&. the password is not "salted" as the UNIX password is)\&. If the user has a null password this field will contain the characters "NO PASSWORD" as the start of the hex string\&. If the hex string is equal to 32 \'X\' characters then the user\'s account is marked as
\fBdisabled\fR
and the user will not be able to log onto the Samba server\&.
.sp
\fIWARNING !!\fR
Note that, due to the challenge\-response nature of the SMB/CIFS authentication protocol, anyone with a knowledge of this password hash will be able to impersonate the user on the network\&. For this reason these hashes are known as
\fIplain text equivalents\fR
and must
\fINOT\fR
be made available to anyone but the root user\&. To protect these passwords the smbpasswd file is placed in a directory with read and traverse access only to the root user and the smbpasswd file itself must be set to be read/write only by root, with no other access\&.
.RE
.PP
NT Password Hash
.RS 4
This is the Windows NT hash of the user\'s password, encoded as 32 hex digits\&. The Windows NT hash is created by taking the user\'s password as represented in 16\-bit, little\-endian UNICODE and then applying the MD4 (internet rfc1321) hashing algorithm to it\&.
.sp
This password hash is considered more secure than the LANMAN Password Hash as it preserves the case of the password and uses a much higher quality hashing algorithm\&. However, it is still the case that if two users choose the same password this entry will be identical (i\&.e\&. the password is not "salted" as the UNIX password is)\&.