Checklist
[x ] I have read intro post: https://community.passbolt.com/t/about-the-installation-issues-category/12
[x ] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
[ x] I provide a copy of my logs and healthcheck
[x ] I describe the steps I have taken to trouble shoot the problem
[ x] I describe the steps on how to reproduce the issue
Hello,
my problem is the following: a user created a password with passbolt, then updated it by changing many characters. Due to handling errors, this user asked me what his old password was in passbolt BEFORE he changed it.
Apparently there is no function to access a password history in passbolt. What’s more, e-mail notifications are disabled in our instance.
I then retrieved a backup of our Passbolt instance database from before the user changed the password. I then remounted it on a local instance of MariaDb on my PC. I then typed the following commands:
u.username, g.armored_key
FROM users as u
INNER JOIN gpgkeys as g ON u.id = g.user_id
WHERE u.username = 'USER_EMAIL;
I was able to retrieve the list of passwords to which my user had access, including the one for which he wanted the previous version. I copied/pasted the PGP message corresponding to the password I was looking for and wrote it down in a text file named “encrypted.gpg”.
I then imported the user’s Passbolt private key into the “GPG4WIN” software and tried to open “encrypted.gpg” without success, with the following error message:
The file contains certificates and cannot be decrypted.
Do you know if my method is correct? Or do you know if there is another way to simply recover a password from a dump of passbolt database?
Thank you in advance for help
Translated with DeepL.com (free version)