https://bugzilla.novell.com/show_bug.cgi?id=295550
User sjayaraman@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=295550#c13
Suresh Jayaraman
Originally this 16 byte maximum was due to NTLM and LANMAN hashing but has been relaxed to 127 bytes by current Windows IIRC. I also need to determine if the longer password requires NTLMv2
If we can verify that this is the case (127 byte limit) - let's change the mount.cifs check - but a key question to ask is whether we should log a password too long message (e.g. to dmesg) if the server type does not accept a long password (e.g. if sec=lanman is specified).
I tried to find more information about Windows passwords:
From Windows help:
"Windows passwords can be up to 127 characters long. However, if you are using Windows XP on a network that also has computers using Windows 95 or Windows 98, consider using passwords not longer than 14 characters. Windows 95 and Windows 98 support passwords up to 14 characters. If your password is longer, you may not be able to log on to your network from those computers." "Windows limits passwords to 14 characters for LanMan hash. NTLM limits passwords to 14 characters on Windows NT, but not on Windows 2000 or XP. NTLM improved the situation some by using all 14 characters to store the password hash. While this did make things better, NT dialog boxes still limited passwords to a maximum of 14 characters."
From the book "Inside Windows Server 2003"
"LM passwords are limited to 14 characters. NTLM passwords limited to 128 characters". So, it is clear that only LanMan password and NTLM password (only in GUI since the dialog box limits it to 14 characters) are limited to 14 characters. I think we should relax the mount.cifs check and allow long passwords/passphrases as most of the Windows servers (Windows 2000, XP and others including Samba) supports long passwords and also we should let the users know by logging long passwords to dmesg if sec=lanman is specified. Attaching patches which makes the proposed changes to mount.cifs and kernel cifs client. Steve, Thoughts/Comments? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.