[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Keychain Password Oops

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Keychain Password Oops
From: Simon Waters <simon@xxxxxxxxxxxxxx>
Date: Mon, 16 Aug 2021 12:14:26 +0100
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1618045561; h=Sender:Content-Transfer-Encoding: Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe: List-Id:Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From: Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Owner:List-Archive; bh=kNTvZ7icck5IF9+o3a/7SQg2vRBymg9OJN5n7XJslrU=; b=Fa5zLszfc/U5dO8I+CoRssAPtw RcO9If5mKdi2d8fkg2MLCWTIMHl7qxOs/KKYwy+jCENi4iltCe9U5JA/rupcSqqYPdrio1XtBqwuC I40aa46hRw0kEcVvtOR/KUZmGa5I4rtwh7wbOBfnIu4OYlVC1KQFmjMPqTe4wOwFRGf4=;

On Monday, 16 August 2021 08:31:29 BST Rich Brown wrote:
> Hi
> 
> On our main desktop computer we have all family users. However, the
> other members of the family only occasionally log in and in a recent log
> in one of the users had forgotten their password. I reset it as an admin
> and they logged in, but only to find the keychain password is different.
> When they can't input the correct password the computer locks up. We
> have tried to use the new password but this is rejected.
> 
> Any help greatly received!

We need a bit more details of what system, and what you want to achieve.

Keychain is the Mac terminology.

GNOME has a keyring https://wiki.gnome.org/Projects/GnomeKeyring/SecurityFAQ

Assuming GNOME keyring... 

As far as I know the keyring password is the only thing required to, and 
capable of unlocking the keyring, and GNOME is AES128 encrypted with multiple 
iterations, so basically you want the password to read the contents. 

The old keyring can be moved out of place, and when they login GNOME will 
create a new, empty, keyring.

If you need to access the contents of the old key-ring, then probably need to 
crack the password. Extracting the user's old password hash from an old backup 
of the "/etc/shadow" file, and use John the Ripper with some hints of what they 
think the password was, will probably work. If you can get a hash I'm sure 
myself or someone else will help crack it (as long as you can assure me it is 
yours to crack, and I'm not doing an Assange).

I couldn't find any information on recovery of keyring beyond this. Apple had 
some for keychain, but it basically boiled down to recovering a version with a 
known password from time machine (IIRC), which is another approach for 
keyrings if you know any previous passwords and have extensive enough backups.

That said I don't use GNOME these days, so all alien to me ;)

-- 
The Mailing List for the Devon & Cornwall LUG
https://mailman.dcglug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

References:
- [LUG] Keychain Password Oops
  - From: Rich Brown

Prev by Date: [LUG] Keychain Password Oops
Next by Date: Re: [LUG] Data extraction from PDF form
Previous by thread: [LUG] Keychain Password Oops
Next by thread: [LUG] Problem with Debian
Index(es):
- Date
- Thread