vi encryption: what algorithm has been used?

2
votes

I used an encrypted file to store my passwords for years. It has been encrypted using the vi -x command on Sun Solaris 10. I now tried to open the file on a linux box with bothvi -x and vi -x -cm=blowfish. Sadly the file is completely messed up. My guess is that a different encryption algorithm has been used on Solaris. How can I find out which algorithm has been used and how can I open the file with a more recent version of vi?

I do know the correct password and I do know several words in the encrypted file.

P.S.: I do not have any access to a solaris 10 Machine anymore

2
encryptionvi
You might have some "luck" browsing the Solaris source code at opensolaris.org. I did, a little, and it looks that vi, which uses ex code internally, uses libcrypt, which popen's the crypt command internally. That in turn, doesn't seem to use any "well known" algorithm. Be warned tough, I might be totally out of the ballpark here.Christian.K
what are the first characters of the encrypted file? For example, recent versions of vi show VimCryptPascal Belloncle

2 Answers

0
votes

I think vi uses the crypt function. This is a long shot, but if you have access to mcrypt, this should decode solaris crypt:

mcrypt  -a des --keymode pkdes --bare --noiv --decrypt filename

old unix style crypt

mcrypt  -a  enigma  --keymode  scrypt --bare --decrypt filename
-1
votes

/usr/bin/vi (also linked from /usr/ucb/vi), /usr/xpg4/bin/vi, and /usr/xpg6/bin/vi on Solaris 10 (and such of those as were on all earlier versions of Solaris) all used crypt(1) (Enigma variant) encryption.

On Solaris 11 and later, vi is actually vim, and uses whatever encryption that version of vim supports, which is NOT compatible with crypt(1).

"Old" vi may still be on Solaris 11 as /usr/sunos/bin/vi, but does not have the -x option any more.

crypt(1) is also no longer on Solaris 11.

But one can easily scrounge the source (google for usr/src/cmd/crypt/crypt.c) and fix up whatever version one finds to compile ok.

And as a previous poster indicated, mcrypt can do the job too.

The latter is available for Macs via (at least) MacPorts ("port install mcrypt" although a trivial test of running mcrypt there didn't work for me), for CentOS via "yum install mcrypt", for Ubuntu via "apt install mcrypt"; cygwin also has an mcrypt package.

For any other OS or distro, you're on your own; I don't have everything. 😀