Setup passbolt on another computer

[x ] I have read intro post: About the Installation Issues category
[ x] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
[ x] I describe the steps I have taken to trouble shoot the problem
[ x] I describe the steps on how to reproduce the issue

Greeting everyone,

Ran into a problem wonder if anyone has any tips, I’d like to help my colleague to setup his passbolt account onto 2 computers, after successfully setting up the first computer, I use his private key and the recovery link to setup the account on a laptop.

Strangely after I followed the instruction, uploading the private key file and input the password, I’ve got the error :

“The key provided does not belong to given user.”

I didn’t see any log on passbolt docker that suggested something has went wrong, and I have double checked the pgp key and the command I used, both have the same email address.

I have tried to download the private key again from the first computer and repeated the process with the same result.

I wonder if anyone here have any idea/suggestion on how I can fix the issue?

Hey @VictorTsang welcome to the forum!

Based on the error it points to using the wrong key here. Can you explain a bit more what you mean with this?

I have double checked the pgp key and the command I used, both have the same email address.

When you say both have the same email address are you meaning two different keys?

Thank you for looking into my problem Clayton,

I have since tested with a more straightforward case, allow me to use the new flow instead to explain the problem I see.

I have created a new user, activated the account on chrome on my local machine. I have downloaded the restore kit during the activation process, and just in case, after login, I have also downloaded the private key and saved it separately.

I then try to use firefox to ‘recover’ the account, I generated the recovery request, and used the restore kit file, as well as the private key, both gave me the same key don’t belong to the user error.

Could you run the status report and post the output? We have instructions for that on the help site. Or alternatively we have a different page for docker instructions if that is how you installed

Here’s the healthcheck result.

 ____                  __          ____
/ __ \____  _____ ____/ /_  ____  / / /_

/ // / __ `/ / / __ / __ / / _/
/ / // ( |
) /
/ / /
/ / / /
/ _

Open source password manager for teams

Healthcheck shell


[PASS] PHP version 8.2.7.
[PASS] PHP version is 8.1 or above.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[PASS] The passbolt config file is present

Core config

[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.

SSL Certificate

[WARN] SSL peer certificate does not validate
[WARN] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] Check Passbolt Help | Troubleshoot SSL
[HELP] cURL Error (60) SSL certificate problem: self-signed certificate


[PASS] The application is able to connect to the database
[PASS] 31 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
[PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.

Application configuration

[PASS] Using latest passbolt version (4.4.2).
[FAIL] Passbolt is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in /etc/passbolt/passbolt.php.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[INFO] The Self Registration plugin is enabled.
[INFO] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /etc/passbolt/ p.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set to true in /etc/passbolt/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[WARN] Some email notifications are disabled by the administrator.

JWT Authentication

[PASS] The JWT Authentication plugin is enabled
[PASS] The /etc/passbolt/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found

SMTP Settings

[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[WARN] The SMTP Settings source is: /etc/passbolt/passbolt.php.
[HELP] It is recommended to set the SMTP Settings in the database through the administration sect ion.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Or set to true in /etc/passbolt/passbolt. php.

[FAIL] 1 error(s) found. Hang in there!

For the record I am running passbolt with docker, I can’t get smtp working on my end due to SSL cert issue, I’m doing admin work mostly with shell command.

I have tried to pull the latest docker images and did the test again today, still the same issue. so wonder anyone has run into similar problem as I do and got any idea what ocul be wrong?

I’m running the docker locally, without using compose, here’s my docker startup command, in case I missed any folder I should share.

docker run --name passbolt
-p 2443:443
-v /etc/passbolt/passbolt.php:/etc/passbolt/passbolt.php:z
-v /etc/passbolt/gpg:/etc/passbolt/gpg:z
-v /etc/passbolt/jwt:/etc/passbolt/jwt:z passbolt/passbolt:latest