Ms-Chap + NT-Password
Alan DeKok
aland at deployingradius.com
Thu Dec 20 12:39:11 CET 2018
On Dec 20, 2018, at 2:47 AM, Anton Kiryushkin <swood at fotofor.biz> wrote:
>
> Hello, Matthew.
>
> Yes, I have the same fear about the hash.
> I made it in the two ways:
> - hash=$(printf '%s' "${pass}" | iconv -t utf16le | openssl md4 2>/dev/null
> | awk '{print $NF}')
> - smbencrypt
>
> Both ways are equal. Which method is right in my case?
smbencrypt it preferred. I use:
$ smbencrypt hello
LM Hash NT Hash
-------------------------------- --------------------------------
FDA95FBECA288D44AAD3B435B51404EE 066DDFD4EF0E9CD7C256FE77191EF43C
And the use the NT hash.
There is just no way that an input password ends up being *all* ASCII characters after hashing. It looks like you've taken the input password, and then tried to use that as the NT hash.
Alan DeKok.
More information about the Freeradius-Users
mailing list