Tim wrote: > > If you're talking about doing this with Windows and Linux, I would think > that you'd need to be using the same username and password on the box > that you're logged into, and the box running the samba server, for your > home space to turn up in the browse list. When Windows browses what's > available it supplies username and password for the current logon to the > remote end. The remote end (Samba) returns what it thinks is suitable. > The password used has to match the Samba password, not the login password (/etc/passwd) on the server box. The Samba password and the login password do not have to be the same. (If you are using LDAP or using a domain controller to verify users, then things are different.) > This also seems to be a simple way of snaffling up user credentials, > just by putting a box on the same LAN and waiting for others to connect > to you. Though I think it'd only be effective if you were using > unencrypted passwords. > With encrypted passwords, you can grab the password hash that is sent, and use a modified client to connect. This is because the same hash is sent every time you connect. It is also possible to find the password from the hash, but it is not easy. > Yes, you can use different usernames and passwords, as far as I'm aware > (I don't do this, so I haven't tested it), but I wouldn't expect > browsing to work, only explicit connections/mounts (where you request > something directly, and enter in username and password credentials). > With programs like smb4k, you can specify the user name and password to use when browsing. They do not have to match your login password and user name. With later versions you can do the same. (It can be done with Windows 98, but setting the user name/password for a machine is a pain. It will ask you for one only if the default fails.) Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
