dani-garcia / vaultwarden

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
GNU Affero General Public License v3.0

Bitwarden CLI (version 1.22.0) login to the Vaultwarden server fails even with correct credentials #2378

Closed lgp171188 closed 2 years ago

lgp171188 commented 2 years ago

Subject of the issue

Bitwarden CLI (version 1.22.0 - the latest on Arch Linux) login to the Vaultwarden server fails even with correct credentials

Deployment environment

Your environment (Generated via diagnostics page)

Config (Generated via diagnostics page)

**Environment settings which are overridden:**

```json
{ "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_ip_header_enabled": true, "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "authenticator_disable_time_drift": false, "data_folder": "data", "database_max_conns": 10, "database_url": "*****://***********:*************@*******/***********", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "****://*********", "domain_origin": "****://*********", "domain_path": "", "domain_set": false, "duo_host": null, "duo_ikey": null, "duo_skey": null, "email_attempts_limit": 3, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 5 * * * *", "emergency_request_timeout_schedule": "0 5 * * * *", "enable_db_wal": true, "extended_logging": true, "helo_name": null, "hibp_api_key": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "invitation_org_name": "Vaultwarden", "invitations_allowed": false, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "Info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "password_iterations": 100000, "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_explicit_tls": false, "smtp_from": "*********@***.**", "smtp_from_name": "Vaultwarden", "smtp_host": "**********", "smtp_password": null, "smtp_port": 8025, "smtp_ssl": false, "smtp_timeout": 15, "smtp_username": null, "templates_folder": "data/templates", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_syslog": false, "user_attachment_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "websocket_address": "0.0.0.0", "websocket_enabled": true, "websocket_port": 3012, "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null }
```

Steps to reproduce

Expected behaviour

The login should succeed with the same credentials that work for the web vault login.

Actual behaviour

The login errors out.

Troubleshooting data

Relevant log lines related to this issue from the Docker container logs.

The logs for the CLI login failure

```
vaultwarden | [2022-03-20 08:35:22.365][request][INFO] POST /identity/accounts/prelogin
vaultwarden | [2022-03-20 08:35:22.365][response][INFO] 404 Not Found
vaultwarden | [2022-03-20 08:35:22.862][request][INFO] POST /identity/connect/token
vaultwarden | [2022-03-20 08:35:22.902][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: <A.B.C.D>. Username: <email address placeholder>
vaultwarden | [2022-03-20 08:35:22.902][response][INFO] POST /identity/connect/token (login) => 400 Bad Request
```

The logs for the web vault successful login with the same credentials.

```
vaultwarden | [2022-03-20 08:36:57.604][request][INFO] POST /api/accounts/prelogin
vaultwarden | [2022-03-20 08:36:57.606][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK
vaultwarden | [2022-03-20 08:36:57.795][request][INFO] POST /identity/connect/token
vaultwarden | [2022-03-20 08:36:57.911][vaultwarden::api::identity][INFO] User<email placeholder> logged in successfully. IP: <A.B.C.D>
vaultwarden | [2022-03-20 08:36:57.912][response][INFO] POST /identity/connect/token (login) => 200 OK
vaultwarden | [2022-03-20 08:36:58.136][request][INFO] POST /identity/connect/token
vaultwarden | [2022-03-20 08:36:58.136][request][INFO] POST /identity/connect/token
vaultwarden | [2022-03-20 08:36:58.150][response][INFO] POST /identity/connect/token (login) => 200 OK
vaultwarden | [2022-03-20 08:36:58.150][response][INFO] POST /identity/connect/token (login) => 200 OK
```

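
A triage helper for the two log excerpts above, added here as an example (not part of the report and not Vaultwarden's own code): it pairs each failed `/identity/connect/token` login with the prelogin call that preceded it, so a 404 on a prelogin route the server does not serve is reported as client/server version skew rather than as a wrong password. The sample log is constructed from the excerpts, with a placeholder IP and e-mail and a third, made-up attempt that really does use a wrong password.

```python
import re
from datetime import datetime

# Constructed sample, condensed from the two log excerpts in the report above, plus a
# third (made-up) attempt with a genuinely wrong password; IP and e-mail are placeholders.
SAMPLE_LOG = """\
vaultwarden | [2022-03-20 08:35:22.365][request][INFO] POST /identity/accounts/prelogin
vaultwarden | [2022-03-20 08:35:22.365][response][INFO] 404 Not Found
vaultwarden | [2022-03-20 08:35:22.862][request][INFO] POST /identity/connect/token
vaultwarden | [2022-03-20 08:35:22.902][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: 203.0.113.5. Username: user@example.test
vaultwarden | [2022-03-20 08:35:22.902][response][INFO] POST /identity/connect/token (login) => 400 Bad Request
vaultwarden | [2022-03-20 08:36:57.604][request][INFO] POST /api/accounts/prelogin
vaultwarden | [2022-03-20 08:36:57.606][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK
vaultwarden | [2022-03-20 08:36:57.795][request][INFO] POST /identity/connect/token
vaultwarden | [2022-03-20 08:36:57.912][response][INFO] POST /identity/connect/token (login) => 200 OK
vaultwarden | [2022-03-20 08:40:01.100][request][INFO] POST /api/accounts/prelogin
vaultwarden | [2022-03-20 08:40:01.102][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK
vaultwarden | [2022-03-20 08:40:01.300][request][INFO] POST /identity/connect/token
vaultwarden | [2022-03-20 08:40:01.340][response][INFO] POST /identity/connect/token (login) => 400 Bad Request
"""

LINE_RE = re.compile(r"\[(?P<ts>[^\]]+)\]\[(?P<src>[^\]]+)\]\[[A-Z]+\] (?P<msg>.*)$")
STATUS_RE = re.compile(r"(?:^|=> )(\d{3}) ")

def parse(log):
    """Yield (timestamp, source, message) per log line, dropping the container prefix."""
    for raw in log.splitlines():
        m = LINE_RE.search(raw)
        if m:
            yield datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S.%f"), m["src"], m["msg"]

def classify_login_failures(log, window_s=5.0):
    """Attribute each failed /identity/connect/token login to its cause: a 404 on the
    preceding prelogin call means the client used a route this server does not serve
    (client/server version skew), so the 'incorrect password' error is misleading."""
    verdicts, pending_path, last_prelogin = [], None, None
    for ts, src, msg in parse(log):
        if src == "request" and msg.endswith("/accounts/prelogin"):
            pending_path = msg.split()[-1]                 # path the client chose
        elif src == "response" and pending_path is not None:
            m = STATUS_RE.search(msg)                       # prelogin's status code
            last_prelogin = (ts, pending_path, int(m.group(1)) if m else 0)
            pending_path = None
        elif src == "response" and "connect/token (login) => 400" in msg:
            recent = last_prelogin and (ts - last_prelogin[0]).total_seconds() <= window_s
            if recent and last_prelogin[2] == 404:
                verdicts.append(("client_endpoint_mismatch", last_prelogin[1]))
            else:
                verdicts.append(("bad_credentials", None))
    return verdicts
```

Run over real container logs, the first verdict kind points at a client build that targets a route the server lacks; only the second should be treated as a credential problem (and, if repeated, as a possible brute-force attempt).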
BlackDex commented 2 years ago

I had the same thing when I tried to log in with an expired token. When I did a logout first and a re-login it all seemed to work fine. A bw sync works too.

Please try to do a full logout and login and see what happens.

lgp171188 commented 2 years ago

@BlackDex, the issue started happening only after the CLI version upgrade (I think) and I did a full logout to get a fresh token (which I needed to use in another tool that I use). Now when I run bw logout, it says that I am already logged out. Due to this issue, I am unable to log in or run any command like bw sync which requires the user to be logged in. Hence the report.

I am trying to login with my email address and account password. I am not using any other alternative authentication mechanisms.

lgp171188 commented 2 years ago

I am able to log in with the API key method but the username/password method still errors out. The API key method doesn't give me a session key to use with other applications. :(

BlackDex commented 2 years ago

Strange, it works for me without any issues.

BlackDex commented 2 years ago

Could you test this on vault.bitwarden.com for example and see if it fails there too? And if not, what happens if you reconfigure it for your server again?

lgp171188 commented 2 years ago

@BlackDex, I do not have an account on the official Bitwarden instance. So I will create one, test this out and then try switching back to my self-hosted instance. Will report the findings once I finish this.

lgp171188 commented 2 years ago

I tried this and here's what happened.

If it will help debug this further, I can share the details of my self-hosted instance where you can try creating an account and try reproducing the issue.

BlackDex commented 2 years ago

I'm afraid this is an issue with the Arch Linux version. I just tested it myself (I also use Arch Linux) and it breaks for me. I had the snap version installed, which works fine. Also, if I download the zip file from here: https://github.com/bitwarden/cli/releases/tag/v1.22.0 that one works fine too.

If I build the PKG myself, it also breaks. This is either because Arch is using a newer version of NPM, or it is not using the correct jslib commit, which uses a different API endpoint.

Because of this, I will see if I can add this, but that still means the bitwarden-cli built by Arch is different from the one built by Bitwarden themselves.

Small edit: I have this fixed now in a local build.

lgp171188 commented 2 years ago

@BlackDex, thank you for taking the time to investigate this, find out the issue and come up with the fix. Based on your feedback, is reporting a bug on the Arch Linux package the best next step?

lgp171188 commented 2 years ago

I have reported a bug against the Arch Linux package - https://bugs.archlinux.org/task/74175

BlackDex commented 2 years ago

> I have reported a bug against the Arch Linux package - https://bugs.archlinux.org/task/74175

Great. I just looked at the commits of jslib and it looks like it is a change that is for the future. And looking at the PKGBUILD file, it seems to always pull the latest jslib in instead of using the commit-hash linked to the tagged cli version.

kpcyrd commented 2 years ago

The jslib dependency is set to the right commit when the submodule is set up. Cloning the bitwarden-cli repo and following the setup instructions doesn't work either; maybe it's a problem with the node version?

ph0 commented 2 years ago

I am not sure if this is the same issue. I am running © 2022, Bitwarden Inc. (Powered by Vaultwarden) Version 2.25.1

Earlier today I logged in and my logins were not showing because there was a notification asking me to click the button to update encryption.

I updated, was logged out, and now when I try to login I get an error

"An error has occurred. Could not send login notification email. Please contact your administrator."

ph0 commented 2 years ago

Okay, it suddenly works again. I must note it was broken in this way for at least 14 hours. Cheers to whoever fixed this.

alex19EP commented 2 years ago

Hello, Arch Linux package maintainer here.

I don't quite understand the cause of the problem yet. I tried using the same version of nodejs as the official bitwarden-cli, but that didn't work. I am sure that the correct commit in jslib is used during the build. If someone has more information, I will be grateful.

BlackDex commented 2 years ago

@alex19EP I'm not sure what the issue could be. But the snap version and the Github Actions build version do seem to work and not use the new endpoint. So maybe they did something strange during the build of the cli there.

I only wonder why you have the jslib as an extra download in the PKGBUILD. Because this should do the trick just fine:

```bash
source=(bitwarden-cli::git+https://github.com/bitwarden/cli.git#tag=v${pkgver})
sha512sums=('SKIP')

prepare() {
    cd bitwarden-cli
    # Link jslib
    git submodule update --init
}
```

alex19EP commented 2 years ago

> I only wonder why you have the jslib as an extra download in the PKGBUILD.

So you can have a look at https://wiki.archlinux.org/title/VCS_package_guidelines#Git_submodules

BlackDex commented 2 years ago

> > I only wonder why you have the jslib as an extra download in the PKGBUILD.
>
> So you can have a look at https://wiki.archlinux.org/title/VCS_package_guidelines#Git_submodules

Ah, that explains :)

ph0 commented 2 years ago

> I am not sure if this is the same issue. I am running © 2022, Bitwarden Inc. (Powered by Vaultwarden) Version 2.25.1
>
> Earlier today I logged in and my logins were not showing because there was a notification asking me to click the button to update encryption.
>
> I updated, was logged out, and now when I try to login I get an error
>
> "An error has occurred. Could not send login notification email. Please contact your administrator."

I am still getting this same issue.

Nobody replied last time so I genuinely doubt anyone will now.

I really want to log in, back up my database, delete vaultwarden, and find another password manager.

BlackDex commented 2 years ago

> I am not sure if this is the same issue. I am running © 2022, Bitwarden Inc. (Powered by Vaultwarden) Version 2.25.1
>
> Earlier today I logged in and my logins were not showing because there was a notification asking me to click the button to update encryption.
>
> I updated, was logged out, and now when I try to login I get an error
>
> "An error has occurred. Could not send login notification email. Please contact your administrator."
>
> I am still getting this same issue.
>
> Nobody replied last time so I genuinely doubt anyone will now.
>
> I really want to login, backup my database, delete vaultwarden, and find another password manager.

I have never seen a request to update the encryption ever. So I'm not sure where you are seeing this.

Also, in a later post you mentioned it was fixed again, so what would you have expected to be answered??

joelmccracken commented 1 month ago

I just want to mention that I roughly had this issue myself last night, and pulled out much of what little hair I had left. It seems that it's some kind of version problem; I was trying to log in with

```
[1] joelmccracken@glamdring> which bw
/Users/joelmccracken/.nix-profile/bin/bw
joelmccracken@glamdring> bw --version
2022.10.0
```

and no matter what I did, I kept getting the master password failure. I know that this version has worked in the past, though I haven't run it in some time, but given I was able to log in with the password via the web interface, I decided to install another version of the cli and try it. I did, this time via homebrew, and it worked.

I suspect something about the official client and the pw remote host functionality changed, because, well, it used to work, and now it doesn't. But I can't prove it. I did see somewhere that there was some node package version that might be the cause, which I guess might impact it, although generally folks feel that nix dependency locking is about as precise as one can get.