Hi community!
I have my primary admin account with unique passwords stored and recently something happened and I can’t login. There is an exception “There was an error during authentication. Enable debug mode for more information”. I’m the first user registered there. All other users are able to login, create passwords,share them etc…
Can’t find anything except next in the cli-debug.log
root@9050195d136c:/var/www/passbolt# cat logs/cli-debug.log
2020-12-03 12:40:33 Debug: command 'preview' in plugin 'EmailQueue' was not aliased, conflicts with 'Passbolt/EmailDigest'*
2020-12-03 12:40:33 Debug: command 'sender' in plugin 'EmailQueue' was not aliased, conflicts with 'Passbolt/EmailDigest'*
Version: 2.13.5
Healthcheck status: “No error found. Nice one sparky!”
root@3c91ff83636d:/var/www/passbolt# cat /var/www/passbolt/logs/error.log
2020-12-03 14:05:49 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-12-03 14:05:50 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
But the interesting thing is that all permissions looks good:
GPG keys are not full. I have around 15 users, but all of them can access but me. Brad Pitt is a test user that I created after I created first 10 users.
That logs that I shared I’ve copyed right after I redeployed docker-compose and tried to login. So there are only this errors. In docker logs all clear just POST and GET and 200 answer codes and something strange but I think not realted to the problem: 2020-12-03 14:10:26,109 INFO reaped unknown pid 409
I couldn’t understand the second question about the full details of my key, could you please explain a bit?
To see the details of your key (so you can check if it has expired) the command would be something like: sudo -H -u www-data bash -c "gpg -a --export {your-key-fingerprint-here} | gpg --list-packets"
-a is armored export of your key by fingerprint and then a checking of its contents. You’d be looking for a field in the output noting “key expires after”. It may not exist, if the key does not expire.