New user onboarding has multiple show-stoppers

[morrildl]

I signed up today with a new account, 'morrildl'. I started, but did not complete, the 'add a PGP key' flow in the browser. Specifically, when I got to the step where it offers to let you use the keybase binary, I switched to that flow, since it seemed cleaner/safer than the curl approach.

Because it was the first client and I was looking to add my GPG key, I couldn't use GPG to authenticate, so I used account passphrase. When I tried to add a key via 'keybase pgp select', it failed because I use a yubikey and thus the binary couldn't export my private key(!) for whatever nefarious machinations it wants it for.

So I returned to the web UI, to add my key that way via the curl method, after all. However, the site refuses to let you do this if you have extant clients, including a paper key client. So I went into account settings and deleted them all; this caused the "add a PGP key" link to reappear, so I went back into the curl-based flow.

However, the curl method returns error 908 (also known as issue #982): Code: 908 Name: KEY_NEED_REVOKE Description: You need to delete your active key before uploading a new one

Note again that as of this writing I have never successfully added a key.

Because at this point it was clear that everything was broken, for the lulz I went through the "generate a key for me" flow in the web UI, twice. Neither attempt actually attached a key to my account.

At this point: 1) I can not create new clients, because I had already used passphrase login once, had deleted the paper key client to regain access to web key add UI, and did not have a PGP key added to authenticate directly. 2) I can not add a PGP key, by any means. 3) The web UI tells me I have no key attached. 4) The API tells me (via both curl and 'keybase login') that I need to delete the "active" key before it will let me upload one or create a client.

I next did the "recover passphrase" flow, hoping the reset would fix the above. It did not; I am still in that state. (For instance, 'keybase login' with account passphrase says "ERROR Passphrase provision is not possible since you have at least one provisioned device or pgp key already")

There are of course multiple bugs here:

• The keybase binary should not be attempting to export my private key, ever, for any reason, full stop. Demonstrably you don't need it, as evidenced by the 'curl' version of the flow. If your philosophy is that you prefer to make native calls directly into libgcrypt instead of shelling out to gpg proper, I still don't care: I don't trust your code and I'm not interested in reviewing it. For all I know, your binary is (hypothetically) simultaneously vulnerable to Heartbleed and doesn't check HTTPS server certs, exposing my private key to a MITM. As far as I'm concerned, my Yubikey has successfully defended me from an attack, here.
• You have a backend data consistency error, insofar as your API server and web UI don't agree on whether I have an active key linked to my account. Accordingly, I can't fix it by deleting the key, etc.
• Issue #982 appears unresolved (and indeed, unacknowledged), insofar as it appears to have just happened to me too. That is, it appears that aborting an 'add key' flow left my account in an unrecoverably broken state.
• Your "reset account" flow doesn't fully reset an account. (i.e. I am still stuck in this 'phantom key' state.)
• The web site & API really really really ought not to let the user delete the paper key client, if it's the only such client or last client on the account. Or at the very least, display a much scarier warning on delete.
• The keybase client doesn't properly support sequestered keys on smartcards, but this is sort of a secondary consequence of the first bug above.

[maxtaco]

Oh man, what a cluster. Which client version were you using when you switched to the client? For non-experts, it is simpler for the local client to export out of GPG's keychain into its own keychain so that way the client can use Go libraries to decrypt and sign. Shelling out is really painful for n reasons, and for more casual users, we were hoping to get away with one shell-out (the initial export).

However, we realize experts like yourself would find such a solution unsatisfactory, so the most recent Go clients use a one-time shell-out to GPG to produce a signature to provisioning the account. After which, we don't have access to the secret key for decrypting and signing, as you can imagine.

[morrildl]

morrildl@caconym:~🚗 keybase version Client: 1.0.8-0 Service: 1.0.8-0 morrildl@caconym:~🍷🍸 cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=15.10 DISTRIB_CODENAME=wily DISTRIB_DESCRIPTION="Ubuntu 15.10"

Re: the single shell-out -- do you mean that you export the private key once, use it to sign your device/client instance key, then destroy the copy of the private key? If that's correct, what makes a shell out to 'gpg --sign' unworkable?

[maxtaco]

No, sorry, I wasn't clear. In the login process, you have two options for GPG-based provisioning: (1) just use gpg --sign as you suggest, which is enough to provision the device; or (2) to export the key so our client can pgp sign or pgp decrypt for you in the future.

I was going to suggest that what you wanted to begin with was keybase pgp select --no-import, but reading the code, it won't work with your PGP device, since that subcommand is, erroneously, exporting and destroying. I just filed a ticket to fix pgp select --no-import do the right thing, as login does. The two should be sharing code but aren't sharing enough.

There are various reasons why once you start with a device-based key, we can't transition to the Web-based flow, not the least of which is that we don't want people to trust the web site with their secret keys of any kind, and therefore, we'd need to shell out to something like gpg as we do in our curl flow, and in that case, why not just use our CLI in the first place. (There's like a 4x4x4x4x4 matrix (tensor? nor sure what) of all of the cases we need to handle and are just going for the common ones).

Your account is most likely horked at this point, since you revoked all of your keys. I would do this:

1. Log in, click on your profile, and click on the gear, and select "reset my account & start from scratch."
2. Provision your account via the Web site + the Curl/GPG flow
3. Log in via the CLI and select the GPG + sign technique.

That should probably get your account to where you want it, but then you can't use keybase for any PGP operations, which I'm guessing is OK with you.

[morrildl]

In no particular order....

I don't see a gear anywhere in my UI; I have a green "Action needed" alert button thingy, but no gear. I can't find a "reset & start from scratch" link anywhere in the UI. Does the gear not appear until the web UI thinks you are fully provisioned...?

The --no-import flavor does indeed sound like what I would be most comfy with. Thanks for that tip, I'll keep an eye out for that in a future build.

It's worth noting that yubikey+GPG2 has made all this (relatively) simple enough that that the world will hopefully see a lot more cases of the private key not being physically available. That is, today's aluminum haberdasher may be tomorrow's corporate user. A certain large tech corporation I am familiar with has issued yubikeys to every employee for every corporate machine, for example.

[maxtaco]

Ok many thanks for the feedback and sorry your experience was so crappy. I will look a bit into unhorking your account tomorrow. It is a case we should test more (revoking your last good key). Signing off for now though...

On Wednesday, January 20, 2016, Dan Morrill notifications@github.com wrote:

In no particular order....

I don't see a gear anywhere in my UI; I have a green "Action needed" alert button thingy, but no gear. I can't find a "reset & start from scratch" link anywhere in the UI. Does the gear not appear until the web UI thinks you are fully provisioned...?

The --no-import flavor does indeed sound like what I would be most comfy with. Thanks for that tip, I'll keep an eye out for that in a future build.

It's worth noting that yubikey+GPG2 has made all this (relatively) simple enough that that the world will hopefully see a lot more cases of the private key not being physically available. That is, today's aluminum haberdasher may be tomorrow's corporate user. A certain large tech corporation I am familiar with has issued yubikeys to every employee for every corporate machine, for example.

It's also worth noting that

— Reply to this email directly or view it on GitHub https://github.com/keybase/keybase-issues/issues/1971#issuecomment-173441377 .

[oconnor663]

AUGH! Wow this is terrible. Lots of stuff to fix -- thanks for the detailed report.

The "start from scratch" item is behind that "Action needed" button. Sorry for the confusion there -- that button turns into the gear once you've successfully uploaded a PGP key, and I tend to forget about it.

[morrildl]

Thanks! Unfortunately, I don't have that option in that menu. Presumably because it thinks I don't have any keys to reset...

Does it link to a simple URL I can visit?

[RichJeanes]

Try this: https://keybase.io/#account-reset Don't know if that will actually work with the state of your account, but worth a shot.

[morrildl]

@RichJeanes Thanks! That worked just swell, and I was able to add my key (via the 'curl' copy & paste). Looks like I'm in business as https://keybase.io/morrildl

@maxtaco and @oconnor663 -- by the way, kudos for a pretty stellar response effort. You folks are seriously on the ball.

[RichJeanes]

:+1:

[oconnor663]

Good call @RichJeanes! I hadn't thought of that. Sorry for the big delay since our last comment -- we're in the middle of a big sprint :runner: