Passwords aren't stored themselves. They are transformed by a function, and the value so produced, which is called a hash, is stored.
If you log in, the same function is performed on your input, and the generated value is compared with the one stored in the /etc/shadow file.
The function is of a kind which is hard to invert. So with the value in /etc/shadow, you cannot calculate the original password, and the key in there is not helpful for login - you need the password.
With brute force, you can try to generate such a password, and for common names like 123456, password, asdf, secret, 1111 and so on, the shadow values are already well known, and stored in so-called rainbow tables.
To prevent attacks with rainbow tables, the password function can use a salt, which influences the result. This means that every password uses a different salt, stored in the first two bytes of the password hash string (thanks to psusi, who corrected me), so that you would need a different rainbow table for every password, which is not very practical - it takes too long to generate them, and is expensive.
I'm not sure whether Ubuntu uses a salt. We can wait for somebody who explains it to us, or you could generate the same user with the same password on two machines, and compare the values in /etc/shadow.
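The comparison suggested above, as an added example that is not part of the original answer: it stores the same password for two accounts, once with a constant salt and once with a random one, and checks whether the stored values come out identical. PBKDF2-HMAC-SHA256, the `salt$digest` layout, the function names and the account names are assumptions made for the illustration; this is not the function or the format used in /etc/shadow.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Assumption: PBKDF2-HMAC-SHA256 stands in for the system's password function,
# and the "salt$digest" layout is constructed here; it is not the shadow format.
ITERATIONS = 50_000


def hash_password(password, salt=None):
    """Return 'salt_hex$digest_hex'; a fresh random salt is drawn if none is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt.hex() + "$" + digest.hex()


def verify(password, stored):
    """Login check: re-run the function with the stored salt and compare."""
    salt_hex, _ = stored.split("$")
    candidate = hash_password(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, stored)


def identical_entries(entries):
    """Group user names whose stored values are byte-for-byte identical."""
    groups = defaultdict(list)
    for user, stored in entries.items():
        groups[stored].append(user)
    return sorted(sorted(users) for users in groups.values() if len(users) > 1)


def demo():
    # Constructed sample: the same password set for two accounts.
    fixed = bytes(16)  # a constant salt behaves like no salt at all
    unsalted = {u: hash_password("secret", fixed) for u in ("alice", "bob")}
    salted = {u: hash_password("secret") for u in ("alice", "bob")}
    return identical_entries(unsalted), identical_entries(salted), salted


if __name__ == "__main__":
    same_unsalted, same_salted, salted = demo()
    print("constant salt, identical entries:", same_unsalted)
    print("random salt, identical entries:  ", same_salted)
    print("login with right password:", verify("secret", salted["alice"]))
    print("login with wrong password:", verify("123456", salted["alice"]))
```

If two accounts with the same password show the same stored value, no per-password salt is in effect; with a salt the values differ, yet each login still verifies because the salt is kept next to the digest.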
I was able to use the Go solution by @michaelcochez to decrypt it with Python:
```python
import base64
from Crypto.Cipher import DES3

# The first 24 bytes of the decoded secret are used as the 3DES key, the rest as the IV.
secret = base64.b64decode('<STRING FROM remmina.prefs>')
password = base64.b64decode('<STRING FROM XXXXXXX.remmina>')
print(DES3.new(secret[:24], DES3.MODE_CBC, secret[24:]).decrypt(password))
```
Best Answer
System account passwords can be found in /etc/shadow. You need root privileges to read the file. The passwords are hashed with SHA. Additional information can be found on the corresponding manpages.
Network or wifi passwords can be found in /etc/NetworkManager/system-connections. There is a file for each connection with its configuration, also you need root privileges to read them but the password isn't encrypted.
Passwords handled by Gnome's password store, the Gnome Keyring, are stored in ~/.gnome2/keyrings. The files are not human readable and should be accessed with Gnome's default password manager Seahorse. On older systems (before precise/12.04) wifi passwords were stored in Gnome Keyring and PINs for Mobile Broadband are still stored there.