Cristian Ogrezeanu posted on Sat, 19 Jul 2014 17:37:41 +0200 as excerpted:
> I regularly copy my ~/.kde/share/apps/kwallet/kdewallet.kwl file to an
> external drive to have a backup if something went wrong. Never had any
> problem until a few days ago when I upgraded from 4.13.2 to 4.13.3.
> After upgrading I went to ~/.kde/share/apps/kwallet to manually backup
> as usual and saw there was a new file named kdewallet.salt, which I had
> never seen before (because it wasn't there before). In a moment of
> "genious" I just deleted that kdewallet.salt file thinking it was just
> some temp file. Clearly I messed up as now I can't open my wallet
> anymore, it won't take my password and fails with "Error code -9: Read
> error - possibly incorrect password.". I can't recover any copy of the
> wallet prior to the upgrade so I'm stuck. All my passwords are in there
> and I know not what to do. I've already tried opening the wallet on a
> system with KDE 4.11 but it fails with "unsuported file revision" or
> something similar. Any ideas anyone ?
I think you may be SOL.
In cryptography, a "salt" is a bit of per-instance random data appended
to the cleartext before encrypting or digesting it, in ordered to defeat
attacks such as rainbow tables, where a known cyphertext can be looked up
in a pre-computed table to get the cleartext that encrypts to that
cyphertext.
The idea is that if each instance/site has its own salt, then a rainbow
table does no good, because the salt effectively randomized the cyphertext
such that it you'd have to have a (large) rainbow table for each salt, as
well.
So if you lose that salt, you've effectively lost the key to unencrypting
the cyphertext.
I'm afraid your only possible rescue of that wallet at this point is to
find either a backup of that salt file, or a backup of the wallet that's
a version before the salt file was added. Otherwise, it's likely even
the NSA would have problems decrypting the thing, which could be
considered good or bad depending on your viewpoint...
That's one reason why it's always a good idea to keep a cleartext copy of
your passwords somewhere. (The stereotypical case is to have a book,
with say the first sentence of every 5th page starting with page 3, being
your list of pass-phrases, but unmarked and one of many books on a shelf
or whatever, so only you know which book it is. You'd then keep an
ordered list, perhaps order-scrambled in its own way that only you knew,
of places you login in some other location, that can't be tied to the
book with the passphrases, so that even if they attacker knew you were
doing something like this, unless the attacker picked up the right book
and knew your exact scheme, they'd never figure out the passphrase for
more than, perhaps, a single login.)
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
___________________________________________________
This message is from the kde mailing list.
Account management: https://mail.kde.org/mailman/listinfo/kde.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.
