Network Attached Storage (NAS)

Synology

Encryption passphrases are stored on the system partition in files under /usr/syno/etc/.encrypt/@keystore, where each of them is encrypted as a libsodium Sealed Box (the ecryptfs wrapping with the infamous $1$5YN01o9y password is not used here — it is applied only to the exported keys). This encryption method by itself would be pretty secure; however, the secret key for those sealed boxes is stored in /usr/syno/etc/keymanager/info.cfg without any further encryption, so it is mostly trivial to decrypt the data in the boxes and get the passphrases for shared folders.

The /usr/syno/etc/keymanager/info.cfg file is apparently generated when the internal key store is initialized; I did not yet check whether the keys and UUID in there would be different after a password reset or reinstall (probably they would, but that does not help much, because the encryption key and encrypted data end up on the same filesystem anyway).1