
[ISSUE] 3.1.5.12 User can't look at password

Open volrod64 opened this issue 1 month ago • 13 comments

Hello,

My user can't look at password, there is a problem with sharekeys apparently. Even after using this option, the issue is still the same.

Image

I'm free to share any logs that could help.

Log in /var/log/apache2/

kp1.randomcompany.com:443 192.168.39.65 - - [09/Dec/2025:13:27:26 +0000] "POST /sources/items.queries.php HTTP/1.1" 200 926 "https://kp1.randomcompany.com/index.php?page=items&loginForm" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0"
kp1.randomcompany.com:443 192.168.39.65 - - [09/Dec/2025:13:27:27 +0000] "POST /sources/items.queries.php HTTP/1.1" 200 1557 "https://kp1.randomcompany.com/index.php?page=items&loginForm" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0"
kp1.randomcompany.com:443 192.168.39.65 - - [09/Dec/2025:13:27:33 +0000] "GET /sources/logs.datatables.php?action=tasks_in_progress&draw=11&columns%5B0%5D%5Bdata%5D=0&columns%5B0%5D%5Bname%5D=&columns%5B0%5D%5Bsearchable%5D=true&columns%5B0%5D%5Borderable%5D=true&columns%5B0%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B0%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B1%5D%5Bdata%5D=1&columns%5B1%5D%5Bname%5D=&columns%5B1%5D%5Bsearchable%5D=true&columns%5B1%5D%5Borderable%5D=true&columns%5B1%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B1%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B2%5D%5Bdata%5D=2&columns%5B2%5D%5Bname%5D=&columns%5B2%5D%5Bsearchable%5D=true&columns%5B2%5D%5Borderable%5D=true&columns%5B2%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B2%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B3%5D%5Bdata%5D=3&columns%5B3%5D%5Bname%5D=&columns%5B3%5D%5Bsearchable%5D=true&columns%5B3%5D%5Borderable%5D=true&columns%5B3%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B3%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B4%5D%5Bdata%5D=4&columns%5B4%5D%5Bname%5D=&columns%5B4%5D%5Bsearchable%5D=true&columns%5B4%5D%5Borderable%5D=true&columns%5B4%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B4%5D%5Bsearch%5D%5Bregex%5D=false&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=asc&start=0&length=10&search%5Bvalue%5D=&search%5Bregex%5D=false&_=1765286647836 HTTP/1.1" 200 4134 "https://kp1.randomcompany.com/index.php?page=tasks" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0"
kp1.randomcompany.com:443 192.168.39.65 - - [09/Dec/2025:13:27:34 +0000] "POST /sources/tasks.queries.php HTTP/1.1" 200 2148 "https://kp1.randomcompany.com/index.php?page=tasks" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0"

Thanks for your hard work :)

volrod64 avatar Dec 09 '25 13:12 volrod64

@volrod64 what are the errors in the server log? What version?

nilsteampassnet avatar Dec 09 '25 16:12 nilsteampassnet

Version 3.1.5.12

Can you tell me in which file you expect logs ?

volrod64 avatar Dec 10 '25 09:12 volrod64

More and more users are concerned, some can't connect anymore

Image

I tried to create local users, they can connect but they can't see any password

Image

volrod64 avatar Dec 10 '25 14:12 volrod64

I did a fresh install of 3.1.5.12 on a new VM, did a dump (with the teampass backup option) from the previous server and restored it. Apparently, it fucked up encrypted_psk because accounts can't even look at folders nor passwords

Image

Even if my rights are good.

I tried to regenerate my keys from the teampass option

Image

But it did nothing.

The only log I could find was in /var/log/apache2/error.log

root@teampass-test:/var/www/html/tp# tail -f /var/log/apache2/error.log
[Wed Dec 10 16:28:21.085336 2025] [php:warn] [pid 3338] [client 192.168.34.144:4698] PHP Warning: Undefined array key "user_id" in /var/www/html/tp/sources/users.queries.php on line 2812, referer: http://10.0.14.16/tp/index.php?page=items
[Wed Dec 10 16:28:39.194568 2025] [php:notice] [pid 3220] [client 192.168.34.144:57749] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=options
[Wed Dec 10 16:28:52.159153 2025] [php:notice] [pid 2812] [client 192.168.34.144:40599] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=options
[Wed Dec 10 16:28:55.819930 2025] [php:notice] [pid 2812] [client 192.168.34.144:40599] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=options
[Wed Dec 10 16:29:09.165991 2025] [php:notice] [pid 2502] [client 192.168.34.144:29525] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=tasks
[Wed Dec 10 16:29:40.743515 2025] [php:notice] [pid 3369] [client 192.168.34.144:42512] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=tasks
[Wed Dec 10 16:29:56.584222 2025] [php:notice] [pid 3390] [client 192.168.34.144:57179] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=tasks
[Wed Dec 10 16:30:50.203606 2025] [php:notice] [pid 3388] [client 192.168.34.144:1609] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=tasks
[Wed Dec 10 16:40:57.308212 2025] [php:notice] [pid 3388] [client 192.168.34.144:35530] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=tasks
[Wed Dec 10 16:52:02.833659 2025] [php:notice] [pid 3388] [client 192.168.34.144:18794] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=admin

The key in /var/lib/teampass/teampass-seckey.txt is the same on both servers (verified with hexdump -C /var/lib/teampass/teampass-seckey.txt)

volrod64 avatar Dec 10 '25 16:12 volrod64
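
A triage sketch for the error.log excerpt in the comment above, added here as an example (not code from the thread or from the TeamPass project): it parses Apache 2.4 error-log entries and summarizes the integrity-check failures by referring page and client IP, keeping other messages aside. The function names are hypothetical; the sample lines are copied from the post.

```python
import re
from collections import Counter
from datetime import datetime

# Apache 2.4 error-log entry:
# [time] [module:level] [pid N] [client ip:port] message[, referer: url]
ENTRY = re.compile(
    r"\[(?P<ts>[^\]]+)\] \[(?P<module>[^:\]]+):(?P<level>[^\]]+)\] "
    r"\[pid (?P<pid>\d+)\] \[client (?P<client>[^\]]+)\] "
    r"(?P<msg>.*?)(?:, referer: (?P<referer>\S+))?$"
)
INTEGRITY = "Wrong key or modified ciphertext"

# Sample input: the shell prompt and four entries copied from the post above.
SAMPLE = """\
root@teampass-test:/var/www/html/tp# tail -f /var/log/apache2/error.log
[Wed Dec 10 16:28:21.085336 2025] [php:warn] [pid 3338] [client 192.168.34.144:4698] PHP Warning: Undefined array key "user_id" in /var/www/html/tp/sources/users.queries.php on line 2812, referer: http://10.0.14.16/tp/index.php?page=items
[Wed Dec 10 16:28:39.194568 2025] [php:notice] [pid 3220] [client 192.168.34.144:57749] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=options
[Wed Dec 10 16:29:09.165991 2025] [php:notice] [pid 2502] [client 192.168.34.144:29525] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=tasks
[Wed Dec 10 16:52:02.833659 2025] [php:notice] [pid 3388] [client 192.168.34.144:18794] TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed., referer: http://10.0.14.16/tp/index.php?page=admin
"""

def parse(log_text):
    """Return one dict per well-formed entry; prompts and fragments are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        e = m.groupdict()
        e["ts"] = datetime.strptime(e["ts"], "%a %b %d %H:%M:%S.%f %Y")
        page = re.search(r"[?&]page=(\w+)", e["referer"] or "")
        e["page"] = page.group(1) if page else None
        entries.append(e)
    return entries

def integrity_summary(entries):
    """Count integrity-check failures and list every other message seen."""
    hits = [e for e in entries if INTEGRITY in e["msg"]]
    return {
        "total": len(hits),
        "by_page": Counter(e["page"] for e in hits),
        "by_client_ip": Counter(e["client"].rsplit(":", 1)[0] for e in hits),
        "first": min((e["ts"] for e in hits), default=None),
        "last": max((e["ts"] for e in hits), default=None),
        "other": [e["msg"] for e in entries if INTEGRITY not in e["msg"]],
    }
```
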

@guerricv Sorry for bothering, if you could take a look at my issue, we have a big production problem :/ Thanks ^^

volrod64 avatar Dec 10 '25 20:12 volrod64

Hi @volrod64, not sure I can help more. I think you already tried my script to copy sharekeys from admin account to user TP/id 999997? That's how I managed the issue on my side, and it worked for me 🙏 If you have an account with all items access, you can try that in a test environment before applying to production.

Also, with recent changes implemented by Nils I don't know if that trick can work anymore. First of all, find a user with all access who is still able to display password (it can be from a backup).

guerricv avatar Dec 11 '25 07:12 guerricv

@guerricv Thanks for your answer !

I do have a backup, and my user got access to all items and folders without any problems! Can you tell me which script you're talking about? I could try it, I'm desperate lol

volrod64 avatar Dec 11 '25 07:12 volrod64

The one I provided in this ticket: https://github.com/nilsteampassnet/TeamPass/issues/4883 - let's give it a try :)

guerricv avatar Dec 11 '25 07:12 guerricv

This is still an issue for me (#4883) after 2 months. The script kindly provided by guerricv didn't work as it kept rejecting the password of the donor user (probably because all our users are oAuth and not local). I have several new users that can't access a single password as there are no sharekeys created.

I see no errors in the logs apart from the one you mentioned: "TEAMPASS-Error-Wrong key or modified ciphertext: Integrity check failed."

I'm desperate for a fix.

DaveWebb2 avatar Dec 12 '25 07:12 DaveWebb2

With regards to the Malformed UTF-8 Data message, I have been trying to migrate TeamPass from an Ubuntu VM to an Azure App Service with an Azure MySQL Flexible instance but see that error 100% of the time and can't fix it. It doesn't appear at all when running TeamPass in an Ubuntu VM with MariaDB.

DaveWebb2 avatar Dec 12 '25 07:12 DaveWebb2

@DaveWebb2 I'm not using OAuth2 for Teampass, but I'm curious: which syntax do you use for AzureAD authentication? Something like AzureAD\xxxxxx or simply the username login (mostly main email address?)

@volrod64 Did you succeed on something?

guerricv avatar Dec 12 '25 08:12 guerricv

@guerricv we add the users into TeamPass as, for example, dwebb with email address of [email protected] - then the users click 'Login with Entra ID' without entering a username/password and it passes through to the App Registration in Entra.

DaveWebb2 avatar Dec 12 '25 10:12 DaveWebb2

> @DaveWebb2 I'm not using OAuth2 for Teampass, but I'm curious: which syntax do you use for AzureAD authentication? Something like AzureAD\xxxxxx or simply the username login (mostly main email address?)
>
> @volrod64 Did you succeed on something?

Script didn't work. One of my coworkers is doing some scripting to repair the broken database.

volrod64 avatar Dec 15 '25 14:12 volrod64