I am trying to setup an auto-mounting network drive. The network drive requires a user/pass. In the man page for "mount.cifs" there are two ways to provide the user/pass.
1-[not recommended] put the user/pass in /etc/fstab
2-create a separate credentials file and put the user/pass in the credentials file
cat /etc/fstab
//192.168.1.17/imp/sql /imp/sql cifs credentials=/root/credentials
The file credentials contain the user name and password ( root user can read this file). and the password is stored as a plain text.
My question is how to use password encryption in CIFS/SAMBA?
Best Answer
The client must have access to the cleartext password in order to authenticate against the server. If you encrypt the password on the client, you would need another (cleartext) password to decrypt the encrypted password before providing it to the server. Which could then be used by a root user to decrypt the encrypted Samba password.
Even if there was a way for the client to just provide the encrypted password to the server you wouldn't have gained anything, because then the root user also would only need access to the encrypted password.
You cannot protect a system from its administrator.