Can't import/create gpg key

bappr · November 26, 2020, 2:21pm

Checklist
[X] I have read intro post: About the Installation Issues category
[X] I have read the tutorials, help and searched for similar issues
[X] I provide relevant information about my server (component names and versions, etc.)
[] I provide a copy of my logs and healthcheck
[X] I describe the steps I have taken to trouble shoot the problem
[] I describe the steps on how to reproduce the issue

Hey guys,
Having issue installing passbolt on ubuntu 18.04.

The installation went fine, SSL is configured and I was able to configure the step 2 - Database.
However, on step 3, I am not able to import my existing private key (I am migrating an existing passbolt) and even getting an error upon creation of new gpg key. Getting the error The data entered are not correct: A public key is required.; A private key is required.; A fingerprint is required..
Any help is very welcomed. I am using the wizard install, not the custom one.

I am not even sure how to check passbolt backend logs cuz /var/www/passbolt/logs is empty.

Thanks.
Ben

system · December 1, 2020, 2:21pm

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.

remy · December 2, 2020, 4:36am

garrett · December 2, 2020, 7:22pm

Hi @bappr,

Since you are migrating an existing Passbolt, are you trying to import the server key? Or, perhaps are you attempting to import your user key. Step 3 is for the server key to be generated or imported.

Assuming the old installation of Passbolt is also Ubuntu 18.04, you can find the server key in the /config/gpg folder of its Passbolt installation root.

Regarding the logs being empty, are you saying there are no files in the logs folder? If so, create debug.log and error.log files and make sure www-data has read/write access to them:

chown {your-local-user}:www-data debug.log
chmod 660 debug.log

And same for error.log.

bappr · December 8, 2020, 11:21am

Hi @garrett,

Thanks for the answer and sorry for the late reply.

Yes I am trying to importe the server key but even creating a new one does not work.
The current passbolt is currently running in a container, on Debian. It is currently running on kubernetes and I have the current server key in a secret. So I was able to get what I need.

Logs being empty just mean that there is nothing meaningful to debug my issue there. I have indeed a error.log but it’s mostly filled with routing error.

Thanks!

garrett · December 8, 2020, 12:13pm

@bappr Can you post examples of these errors from the error.log? In the config/passbolt.php file you could enable debug with 'debug' => true, if you think it’s appropriate for your install. Maybe that will show something else.

bappr · December 8, 2020, 12:38pm

@garrett, here u go.

2020-12-07 23:29:04 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/console/" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /console/


2020-12-07 23:29:06 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/Autodiscover/Autodiscover.xml" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /Autodiscover/Autodiscover.xml

Also I can see the request going through the nginx server

108.162.229.92 - - [08/Dec/2020:20:31:44 +0800] "POST /install/gpg_key_import HTTP/1.1" 200 5403 "https://passbolt.kintohub.com/install/gpg_key_import" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36"

I enabled debug=true in the passbolt.default.php (I don’t have a passbolt.php there (I used the provided script to install the stack). Should I do anything else than restarting the nginx service? If not, then I don’t get more logs.

Thanks

garrett · December 8, 2020, 1:37pm

@bappr Just to confirm: you are installing onto Ubuntu 18.04 but you also mentioned you don’t have a passbolt.php file in the config folder. The passbolt.default.php is just the template file. A passbolt.php file is created in the installation process, and to create it manually just copy the template
cp passbolt.default.php passbolt.php and adjust configurations accordingly.

From the passbolt installation root folder run this to catch problems with configuration:

sudo -H -u www-data bash -c "./bin/cake passbolt healthcheck"

bappr · December 8, 2020, 2:01pm

@garrett yes this is what I have done. Not sure if the installation messed up or not, it’s kind of a blackbox to be honest. I used the documentation from https://help.passbolt.com/hosting/install/ce/ubuntu-18-04-bionic-beaver

Here are the logs for you command:


     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
---------------------------------------------------------------
 Healthcheck shell.....Exception: SQLSTATE[HY000] [2002] No such file or directory in [/var/www/passbolt/vendor/cakephp/cakephp/src/Database/Driver.php, line 92]

Should I retry the whole installation? I don’t mind destroying my instance and recreating it again.

garrett · December 8, 2020, 2:08pm

@bappr It appears the first part of installation did not go correctly. Yes, starting over is a fine idea. When you get to the end of the terminal-based script, check for any error messages before starting the web configuration.

bappr · December 8, 2020, 2:43pm

@garrett so I re-deployed the instance and re-installed passbolt according to the tutorial. And the command above still fails and the config file is missing.

I checked the install logs and I see a lof of the following warnings/errors, not sure if they are relevant:

debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline

Creating config file /etc/php/7.2/mods-available/ctype.ini with new version
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline

Creating config file /etc/php/7.2/mods-available/exif.ini with new version
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline

I just copied some of them but there are a lot of them. Rest looks fine

garrett · December 8, 2020, 2:50pm

@bappr Share more about the overall environment. You said the old passbolt is in a container on a Debian host. What about this new one? Also a container? Same host?

The installation script is for a standalone Ubuntu 18.04 environment.

bappr · December 8, 2020, 2:55pm

So the new environment is a google compute instance running on Ubuntu 18.04.
No container anymore, pure VM.

NAME="Ubuntu"
VERSION="18.04.5 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.5 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

Btw, I updated my previous message with some weird logs I have, not sure if that helps.

garrett · December 8, 2020, 3:16pm

@bappr One thing we need to check is that your VM has the right time for the timezone noted.

Double check with command:
date

Also, for hostname of db, use 127.0.0.1 - I know you said you were migrating, but let’s shoot for new successful setup first. Let’s assume locally hosted db, and that mariadb should be installed, etc. when you are choosing the install options.

bappr · December 8, 2020, 3:19pm

@garrett okay I am gonna restart the whole install again. I am installing the VM in Taiwan so during the installations steps, I set it up so that it’s configured for Taiwan. I had tried running date and yes the date was correct.

bappr · December 8, 2020, 3:41pm

@garrett ok so I re-setup everything.
Using 127.0.0.1, no SSL, mariadb. The command above still does not work and the config file is not there.

garrett · December 8, 2020, 3:47pm

@bappr Verify you can access the DB directly with the user, and if you can, go ahead and try the wizard and create new keys in the process. See what happens.

EDIT: And if this still does not resolve the issue, it is hard to assess what the problem is without more logs. But I might suggest if you’re up to it to also have a look at the manual installation instructions as it might reveal something missing in your environment.

bappr · December 8, 2020, 4:30pm

@garrett so I tried it.
Apparently, mariadb is not running on my VM which is weird since I did install it using the script.
So, I used my GCP CloudSQL instance instead and went ahead to try to create a new key. And it worked!

Any idea what is the issue? The difference with the previous install since to be the host and SSL enabled. The rest is exactly the same. How can I make my correct settings works?

garrett · December 8, 2020, 4:54pm

@bappr There is a install.log file that is produced during installation by script. This may reveal information. Also, you could check service mysql status to see if mariaDB is installed but perhaps not running.

bappr · December 8, 2020, 5:45pm

Yeah so indeed mysql is installed but dead. Anyway, I am gonna retry the whole install but without mysql. And try this time to import the key. Will keep you updated! Thanks for the huge help!