search

Syslifters / sysreptor

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
https://docs.sysreptor.com
Other
1.48k stars 141 forks source link

Login issue on Ubuntu: Either a Key or a multiple available keys must be given #234

Closed silent6trinity closed 5 months ago

silent6trinity commented 7 months ago

After rebooting my machine, stopping containers/restarting containers or updating sysreptor, I receive the following error whenever trying to login. I've tried troubleshooting this issue for a few hours now and am going insane, lol:

I've even reset the password multiple times to ensure im doing this right - still no avail

image

silent6trinity commented 7 months ago

To add to this, it seems like this is only occuring if the username doesnt have a "." in the username.

no dot in username

same password, dot in username

Even when trying to change the password

aronmolnar commented 7 months ago

Hi Ibby,

The error indicates that there are issues with decrypting data from your database.
Sensitive data at rest is encrypted using a secret from your app.env file:

image

The app.env should be in the sysreptor/deploy directory and is referenced in the docker-compose.yaml as env file.

aronmolnar commented 7 months ago

Maybe you started the docker container manually.

If you use docker compose -f docker-compose.yml up -d the app.env should be mounted used as env file (if present in that directory).

silent6trinity commented 7 months ago

No, that doesn't seem to work. I've tried that a few times - including copying over a known good app.env file and starting from scratch, and it still causes this issue.

aronmolnar commented 7 months ago

The error strongly indicates that your encryption keys are missing.

You can verify that the encryption keys are present via docker exec sysreptor-app env:

image

guillaumerosin commented 5 months ago

Je rencontre actuellement le même problème, je possède pourtant bien les clés de déchiffrements

aronmolnar commented 5 months ago

Can you please post the contents of the variables ENCRYPTION_KEYS and DEFAULT_ENCRYPTION_KEY_ID from the command docker exec sysreptor-app env executed in the deploy directory?
Please redact the actual key, but not the key ids.

guillaumerosin commented 5 months ago

ENCRYPTION_KEYS=[{"id": "e07e7872-8aad-4e59-ad69-dd472dff6701", "key": "J/bhU2q3g9emq0+9NBqeKFYxGkAzzRYMVAUo5M9Jsgk=", "cipher": "AES-GCM", "revoked": false}]

DEFAULT_ENCRYPTION_KEY_ID=e07e7872-8aad-4e59-ad69-dd472dff6701

image

guillaumerosin commented 5 months ago

Je vous avais envoyé un mail justement à ce propos si vous souhaitez me recontacter : guillaume.rosin@risk-horizon.be

aronmolnar commented 5 months ago

For the sake of documentation: The errors were different.

silent6trinity had the error 'Either a key or a multiple available keys must be given' which indicates that there was no key in the environment.
guillaumerosin had the error 'Metadata contains unknown key_id. Cannot find a suitable key for decryption.' which indicates that a key was present but decryption failed because it was the wrong key.