Hi Dan,
AIX smbclient version 1/CIFS client cannot handle passwords longer than 14 characters.
This uses very old LANMAN protocol version 1(NTLM v1) for authentication. This limits the password length.
New AIX smbclient version 2.1 supports password length upto 127 characters.
AIX SMB client 2.1 uses more secure kerberos authentication mechanism.
This was made available via web download as well as expansion pack for AIX 7.1 and AIX 7.2.
Please find the web download link for AIX smbclient version 2.1:
https://www-01.ibm.com/marketing/iwm/mrs/packageList?source=aixbp&lang=en_USUser can mount the SMB shares on AIX using "mount" command or by adding entries to /etc/filesystems.
Please refer the following link for more information about SMB 2.1 client.
https://www.ibm.com/support/knowledgecenter/ssw_aix_72/network/smbcfs.htmlPlease let us know if you need more information on SMB client. We are happy to assist you.
Thanks and Regards,
Savitri
------------------------------
SAVITRI HUNASHEEKATTI
------------------------------
Original Message:
Sent: Tue August 25, 2020 10:26 AM
From: Dan Jones
Subject: cifs password length limit
Hi Lakshmi,
I'm able to connect using the smbclient, however, I wish to mount the share. I was using the mount and mkcifsmnt commands which uses cifs. It's these two commands that throw the error on password length.
I received a message back from IBM Support with the following information:The password character limit in the SMBv1 AIX CIFS client (bos.cifs_fs.rte) is hard-coded at 14 and there's no way around it. This is because one of the authentication mechanisms supported by the AIX CIFS client (the legacy LanMan protocol) cannot handle passwords longer than 14 characters. This limit is enforced even if the server supports NTLMv1 (the AIX CIFS client supports LanMan and NTLMv1 but does not support NTLMv2). Special characters are allowed in the password as long as they are part of the original 8-bit DOS character set (DOS-437, which is a form of extended ASCII and is not the same as ISO-Latin-1).
It doesn't appear there's a workaround.
Thanks,
Dan
------------------------------
Dan Jones
Original Message:
Sent: Tue August 25, 2020 01:10 AM
From: Lakshmi Yadlapati
Subject: cifs password length limit
We support password length upto 255 characters in SMB2.1 client. SMB 2.1 support for AIX 7.2 is now available! It was made available via the expansion pack.
https://www-01.ibm.com/marketing/iwm/mrs/packageList?source=aixbp&lang=en_US
------------------------------
Lakshmi Yadlapati
Original Message:
Sent: Mon August 24, 2020 10:32 AM
From: Dan Jones
Subject: cifs password length limit
Hi Rachel,
Here is the version information:
AIX: 7200-03-02-1846
cifs
bos.cifs_fs.rte 7.2.3.15
bos.cifs_fs.smit 7.2.0.0
sbmclient: 4.10.13
Dan
------------------------------
Dan Jones
Original Message:
Sent: Mon August 24, 2020 01:32 AM
From: RACHEL ANITHA ALLWIN
Subject: cifs password length limit
Thank you for your query. Can you please let us know the version of cifs you are using? In addition, can you please provide us the details of the AIX version being used?
-Rachel Anitha Allwin
------------------------------
RACHEL ANITHA ALLWIN
Original Message:
Sent: Fri August 21, 2020 06:27 PM
From: Dan Jones
Subject: cifs password length limit
Trying to connect to a fileshare via SMB. Using smbclient I'm able to successfully connect and access the share.
I'm not able to mount the share using mount or mkcifsmnt.
The error I get is the password is longer than 14 characters.
Due to circumstances outside my control I'm not able to alter the password to have <= 14 characters.
Any suggestions on how to work around this limitation?
------------------------------
Dan Jones
------------------------------