Submitted by patrick on Fri, 01/09/2009 - 02:37
Posted in
Ever wondered, where GMOME's mailclient "Evolution" stores the passwords for mailaccounts? Me neither. At least not until today, when I learned, that the credentials for a certain account were only known to a certain Linux box. This computer had some kind of hard disk related hiccup, which trashed a few things, vital to evolution. This little incident pretty much required setting up the mail client from scratch again. Only problem here: For that, username and passwords were required, which were now inaccessible.
You'd think, that this kind of thing happens all the time and some step by step instructions for password recovery would exist on the web. Curiously, they don't (or at least, they are hard to find, if they do) and I spent a few hours digging through quite a lot of docs, forum posts and even source code. Here is what I learned: There are two places, where evolution might store credentials. Newer versions use the GNOME keyring, older versions store them in a file.
If the keyring daemon is used, username and password is stored in ~/.gnome2/keyrings The files in there are AES encrypted. Unless you know the master password (which is suppose to be the same as your login password), you are pretty much out of luck. The GNOME desktop provides a daemon process (gnome-keyring-daemon), which is started on login, loads the keyring(s) and makes the included keys available. So good news for all users, who have a (by time of this writing) fairly modern Linux system. To recover "lost" passwords, just start the seahorse application.
Users of old Linux installations without GNOME keyrings will find usernames and passwords stored under ~/.gnome2_private/Evolution (you might want to also check the presence of this file, if your Linux system is upgraded. There is no point in having credentials safely encrypted, if they are also lying around unprotected). It's contents should look something like this:
[Passwords-Mail]
smtp:__username;auth_PLAIN@mail.provider.com_=SGVsbG9Xb3JsZAo==
pop:__username_=SGVsbG9Xb3JsZAo==
Recovering the username is fairly trivial. The password is obviously the seemingly random letter string at the end of the line. It looks encrypted, but actually it is only base64 encoded, which pretty much only offers protection against accidentally reading the clear text value. To decode the password, open a shell and type the following:
echo "SGVsbG9Xb3JsZAo=" | base64 -d
With "SGVsbG9Xb3JsZAo=" being the copy and pasted string between the first and the last equals sign. Decoding the password from this example should print the string "HelloWorld" to the console.
Bookmark/Search this post with:
Delicious
Digg
StumbleUpon
Reddit
FacebookSimilar posts
- Linux tuning tips, that don't require you to buy new hardware
- Adding automatic MD5 or SHA1 checksum calculations to file downloads with Drupal
- Automatic change of node ownership - Security considerations for mobile bloggers
- AdSense, tag clouds and mysteriously untargeted ads, no matter what you do
- Java, applications and user feedback: which program version are you using anyway?