Blank passwords after upgrading to 3.1.0.11

[DaveWebb2]

Page on which it happened

View an item after upgrading to 3.1.0.11

Steps to reproduce

1. Log in using AD credentials
2. Click the required account
3. Click the eye to view the password

Expected behaviour

See the password

Actual behaviour

No password visible. I can also see a little bell icon, and when I hover over it see this message: "it seems your password has changed and Teampass requires it to encrypt your master private key". My AD password hasn't change for a few weeks.

Server configuration

Operating system: Linux aimnpt-svrapp05 5.15.0-100-generic #110-Ubuntu SMP Wed Feb 7 13:27:48 UTC 2024 x86_64

Web server: Apache/2.4.52 (Ubuntu)

Database: 10.6.16-MariaDB-0ubuntu0.22.04.1

PHP version: 8.2.16

Teampass version: 3.1.0

Teampass configuration file:

'max_latest_items' => '10',
'enable_favourites' => '1',
'show_last_items' => '1',
'enable_pf_feature' => '1',
'log_connections' => '0',
'log_accessed' => '1',
'time_format' => 'H:i:s',
'date_format' => 'd/m/Y',
'duplicate_folder' => '0',
'item_duplicate_in_same_folder' => '0',
'duplicate_item' => '0',
'number_of_used_pw' => '3',
'manager_edit' => '1',
'cpassman_dir' => '/var/www/teampass',
'cpassman_url' => 'https://<anonym_url>
'favicon' => 'https://<anonym_url>/favicon.ico',
'path_to_upload_folder' => '/var/www/teampass/upload',
'url_to_upload_folder' => 'https://<anonym_url>/upload',
'path_to_files_folder' => '/var/www/teampass/files',
'url_to_files_folder' => 'https://<anonym_url>/files',
'activate_expiration' => '0',
'pw_life_duration' => '0',
'maintenance_mode' => '0',
'enable_sts' => '0',
'encryptClientServer' => '1',
'cpassman_version' => '2.1.27',
'ldap_mode' => '1',
'ldap_type' => 'ActiveDirectory',
'ldap_suffix' => 'hidden',
'ldap_domain_dn' => 'DC=corp,DC=hidden,DC=com',
'ldap_domain_controler' => '1.2.3.4',
'ldap_user_attribute' => 'samaccountname',
'ldap_ssl' => '1',
'ldap_tls' => '0',
'ldap_search_base' => '0',
'ldap_port' => '636',
'richtext' => '0',
'allow_print' => '0',
'roles_allowed_to_print' => '0',
'show_description' => '1',
'anyone_can_modify' => '0',
'anyone_can_modify_bydefault' => '0',
'nb_bad_authentication' => '0',
'utf8_enabled' => '1',
'restricted_to' => '0',
'restricted_to_roles' => '0',
'enable_send_email_on_user_login' => '0',
'enable_user_can_create_folders' => '0',
'insert_manual_entry_item_history' => '0',
'enable_kb' => '0',
'enable_email_notification_on_item_shown' => '0',
'enable_email_notification_on_user_pw_change' => '0',
'custom_logo' => '',
'custom_login_text' => '',
'default_language' => 'english',
'send_stats' => '0',
'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
'send_stats_time' => '1559483041',
'get_tp_info' => '1',
'send_mail_on_user_login' => '0',
'nb_items_by_query' => 'auto',
'enable_delete_after_consultation' => '0',
'enable_personal_saltkey_cookie' => '0',
'personal_saltkey_cookie_duration' => '31',
'email_smtp_server' => '<removed>'
'email_smtp_auth' => '',
'email_auth_username' => '<removed>'
'email_auth_pwd' => '<removed>'
'email_port' => '25',
'email_security' => 'none',
'email_server_url' => '',
'email_from' => '<removed>'
'email_from' => '<removed>'
'pwd_maximum_length' => '40',
'google_authentication' => '0',
'delay_item_edition' => '0',
'allow_import' => '1',
'proxy_ip' => '<removed>'
'proxy_port' => '',
'upload_maxfilesize' => '10mb',
'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
'upload_imagesext' => 'jpg,jpeg,gif,png',
'upload_pkgext' => '7z,rar,tar,zip',
'upload_otherext' => 'sql,xml',
'upload_imageresize_options' => '1',
'upload_imageresize_width' => '800',
'upload_imageresize_height' => '600',
'upload_imageresize_quality' => '90',
'use_md5_password_as_salt' => '0',
'ga_website_name' => 'TeamPass for ChangeMe',
'api' => '0',
'subfolder_rights_as_parent' => '0',
'show_only_accessible_folders' => '0',
'enable_suggestion' => '0',
'otv_expiration_period' => '7',
'default_session_expiration_time' => '60',
'duo' => '0',
'enable_server_password_change' => '0',
'ldap_object_class' => '0',
'bck_script_path' => '/var/www/teampass/backups',
'bck_script_filename' => 'bck_teampass',
'syslog_enable' => '0',
'syslog_host' => '<removed>'
'syslog_port' => '514',
'manager_move_item' => '0',
'create_item_without_password' => '0',
'otv_is_enabled' => '0',
'agses_authentication_enabled' => '0',
'item_extra_fields' => '1',
'saltkey_ante_2127' => 'none',
'migration_to_2127' => 'done',
'files_with_defuse' => 'done',
'timezone' => 'UTC',
'enable_attachment_encryption' => '1',
'personal_saltkey_security_level' => '50',
'ldap_new_user_is_administrated_by' => '0',
'disable_show_forgot_pwd_link' => '0',
'offline_key_level' => '0',
'enable_http_request_login' => '0',
'ldap_and_local_authentication' => '0',
'secure_display_image' => '1',
'upload_zero_byte_file' => '0',
'upload_all_extensions_file' => '0',
'bck_script_passkey' => '<removed>'
'admin_2fa_required' => '1',
'password_overview_delay' => '4',
'roles_allowed_to_print_select' => '',
'clipboard_life_duration' => '30',
'mfa_for_roles' => '',
'tree_counters' => '0',
'settings_offline_mode' => '0',
'settings_tree_counters' => '0',
'copy_to_clipboard_small_icons' => '0',
'enable_massive_move_delete' => '0',
'email_debug_level' => '0',
'ga_reset_by_user' => '',
'onthefly-backup-key' => '<removed>'
'onthefly-restore-key' => '<removed>'
'ldap_user_dn_attribute' => 'distinguishedname',
'ldap_dn_additional_user_dn' => '',
'ldap_user_object_filter' => '',
'ldap_bdn' => 'dc=corp,dc=hidden,dc=com',
'ldap_hosts' => '<removed>'
'ldap_password' => '<removed>'
'ldap_username' => 'CN=administrator,CN=users,DC=corp,DC=hidden,DC=com',
'api_token_duration' => '60',
'enable_tasks_manager' => '1',
'task_maximum_run_time' => '300',
'maximum_number_of_items_to_treat' => '300',
'tasks_manager_refreshing_period' => '100',
'ldap_tls_certifacte_check' => 'LDAP_OPT_X_TLS_NEVER',
'enable_tasks_log' => '0',
'enable_ad_users_with_ad_groups' => '0',
'enable_ad_user_auto_creation' => '0',
'ldap_group_object_filter' => '',
'ldap_guid_attibute' => 'objectguid',
'sending_emails_job_frequency' => '2',
'user_keys_job_frequency' => '1',
'items_statistics_job_frequency' => '5',
'reload_cache_table_task' => '',
'rebuild_config_file' => '',
'purge_temporary_files_task' => '',
'clean_orphan_objects_task' => '',
'users_personal_folder_task' => '',
'maximum_session_expiration_time' => '60',
'items_ops_job_frequency' => '1',
'upgrade_timestamp' => '1709974233',
'enable_refresh_task_last_execution' => '1',
'teampass_version' => '3.1.0',

I had a version 2 running on an old Ubuntu 18.04 server so built a new server running Ubuntu 22.04 and PHP 8.2 so copied everything over and ran the upgrade. I initially used 3.1.1 but it took about 8 hours to fix all the issues, like replace missing files, etc, so switched to 3.1.0 as recommended by other people with similar issues. I made sure I followed the instructions, although they are very vague and could use more detail, to make sure I copied the key file.

Client configuration

Browser: -

Operating system: - bits

Logs

Web server error log

 -  ()

Teampass 10 last system errors

Hidden because they contain my user info, but are all dated from about 6 months ago

Log from the web-browser developer console (CTRL + SHIFT + i)

Insert the log here and especially the answer of the query that failed.

[DaveWebb2]

I have just tried upgrading to 3.1.2.26 and the error still remains, so hopefully it is just a config issue. Apart form copying the sk.php and teampass-seckey.txt what else should I do?

[nilsteampassnet]

https://documentation.teampass.net/#/install/upgrade?id=upgrading-from-2x-branch

Have you tried to

[spigotx]

I didn't change my passwords:

Nothing happens here:

[DaveWebb2]

https://documentation.teampass.net/#/install/upgrade?id=upgrading-from-2x-branch

Have you tried to

Yes, I tried that but nothing happens, the circles in the button just keep spinning forever.

[DaveWebb2]

I have tried again from scratch using the latest version (3.1.2.27) but have the same issue, all the passwords are blank. Is there a way to fix this? I've been trying to upgrade for weeks now.

[DaveWebb2]

@nilsteampassnet do you have any suggestions for how to fix this please?

[sjsarg]

same error here. Migrating from 3.0.6 to 3.1.2.26 I got the same issue. I haven't changed my password.

Following @nilsteampassnet suggestion, I generated new keys and after a while, I selected a folder and then Teampass refreshed the page and goes into an infinite loop refreshing the page with "Reading folder" message follow by "This page will now be reloaded" message.

I restarted teampass and got the same error:

[DaveWebb2]

I've encountered so many issues with upgrading from version 2 to version 3, each time I get past one issue I hit another. It's been far from straight-forward.

[DaveWebb2]

I have tried the latest version, 3.1.2.29, and the issue still exists, I've tried upgrading again from version 2 but can't see any passwords.

This is on Ubuntu 22.04.4 LTS with PHP 8.2.17, MariaDB 10.6.16

[DaveWebb2]

@nilsteampassnet are you able to help resolve this please?

[TerrynBoothEclipse]

Also experiencing the same issue.

[sjsarg]

HI @TerrynBoothEclipse , @DaveWebb2 , @nilsteampassnet, any news about this issue?

Regards

[DaveWebb2]

HI @TerrynBoothEclipse , @DaveWebb2 , @nilsteampassnet, any news about this issue?

Regards

No, I've been stuck trying to upgrade for over 3 months now, I can't get past this issue.

[Phdhebde]

i'm also trying to upgrade from 2 to 3 but when i'm trying to retrieve my password, it's blank. Does anyone have any idea ? Thanks

[DaveWebb2]

@nilsteampassnet do you know why every password stored in 3.1.2.29 would be blank after a clean install then upgrade from 2.1.27.36?

[Phdhebde]

You can try to upgrade using an other adminstrator user, it works for me

[DaveWebb2]

@nilsteampassnet are you able to acknowledge this? Are you able to help please? It's been broken for nearly 3 months, can you offer some suggestions please? It seems that others are affected by the same issue too.

[rokx]

My first migration from 2 was very fast. Checking the browser console logs I noticed a lot of repeating messages

"File '.SECUREPATH.'/teampass-seckey.txt could not be renamed. Please do it by yourself and click on button Launch.

I presume no passwords were reencrypted, beside personal ones.

The next try during migration I renamed the file teampass-seckey.txt to secretkey.txt and defined it in settings.php. The migration was a lot slower as the server actually did some reencryption.

The documentation at https://documentation.teampass.net/#/install/upgrade should be updated.

[DaveWebb2]

Renaming the teampass-seckey.txt to secretkey.txt made no difference for me. I tried that while upgrading to version 3.1.2.45 and every password in every folder is still blank.

I also tried generating new keys again, but this didn't work.

There is a bell icon next to the password that says "It seems your password has changed and Teampass requires it to encrypt your master private key". In the drop-down menu at the top of the page there is an option to "Synchronize new password" - when I click this, it rejects my old password even though it is correct (it's using LDAP and I know the AD password I am entering is correct. is this related? Could this be why nobody can access any of the passwords?

@nilsteampassnet should we assume that your lack of response on this means you have abandoned the project and have stopped working on TeamPass? Even some hints as to what might be wrong would be helpful, I've been trying to upgrade from 2.1.27 for 5 months now.

[laetitia-riera]

Bonjour, Je rencontre exactement les mêmes problèmes de mon côté. Mêmes en suivant tout les modifications proposé sur les différents tickets concernant ce problème, rien ne change. J'ai tester en repartant de Zéro et là tous fonctionne de la version 3.0.0.10 à la 3.1.0 en revanche dès que j'upgrade en 3.1.1 plus rien. Je retrouve mon arborescence, mais impossible de consulter les mots de passe. Quelqu'un pourrait m'aider car nous avons plus de 300 mots de passe et je ne me vois pas tous reprendre à la main a chaque upgrade de version. Merci d'avance.

[laetitia-riera]

Bonjour, Voilà ce que j'ai quand je veux consulter les mots de passe qui ont été upgradé.

[DaveWebb2]

I have tried again with version 3.1.2.60 but still it fails. @nilsteampassnet please offer some help on why this might be failing every time on v3?

[gonzalodeniz]

That's how it works for me:

1. Activate personal folders
2. In the User Profile > Generate new keys
3. Click on regenerate shared keys.

If you have items in the personal folder you will lose it, unless you import your public-private key pair.

[DaveWebb2]

I have tried yet again with the latest version, 3.1.2.141, but it still fails. @nilsteampassnet is there any reason you are choosing not to respond and help with this? I've been unable to upgrade from 2.1.27 for 8 months now. I'm sure it could be something simple, so I'd really appreciate a response with some suggestions rather than being ignored.

[nilsteampassnet]

@DaveWebb2 No specific reason, just not enough time in order to support everyone. Have you tried running "Tools" page after upgrade?

[DaveWebb2]

I didn't know the Tools page existed, there is no link for it on the left but I got to it by entering it in the URL.

Unfortunately, there is nothing useful there, only an option to fix missing personal items, but that's not the problem. The problem is that nobody can see any of the shared passwords in any of the folders, they are all blank. What could cause this? Where can I start to look to fix it?

[DaveWebb2]

@nilsteampassnet any other ideas? Is there anything else I can check? How can I check if the items actually exist? It would be good to determine if the issue is the import, and the passwords are simply not there, or if the passwords are there but something else is preventing them from showing. I'm really really really keen to get this fixed after 8 months of trying.

[DaveWebb2]

@nilsteampassnet on the Tasks page I can see that the In Progress and Done tabs are empty. The maintenance operations are enabled, and it shows the Cron job is correctly set, but does this mean something may not have completed that would affect this?

I can also see a green circle with a line through it in the password box when I try to view a password in a folder (not personal items).

[DaveWebb2]

This is working now for me in 3.1.4.3