Comments (31)
The problem is the new individual item encryption function of Bitwarden.
All clients since 2024.2.x (i think) are able to decrypt those items. Since the new 2024.7.x clients they are starting to always use this feature.
This has nothing to do with Vaultwarden specifically. Vaultwarden supports this feature already for a while.
Also, trying to use rbw
on Bitwarden Cloud will probably also fail if new items are created there.
from rbw.
If it helps others, we managed to get rbw to work again by deleting the entries that were created in Bitwarden since the 2024.7.x update that @BlackDex mentions.
If you have this issue and cannot stop using rbw you may want to make a backup of your Bitwarden vaults, inspect admin logs and look for recently created/updated items, and delete them and save them somewhere else for now
from rbw.
yeah, sorry about this! i'm working on fixing it, but in the meantime, you can work around it by using rbw to add/edit secrets instead of using the web vault (and if necessary, deleting any entries you may have created in the web vault in the past few days and recreating them from the command line).
from rbw.
For NixOS users, I've submitted #333147, after that's merged it will land in unstable soon after, and for 24.05 users it may take an additional day or 2 to be backported.
from rbw.
I am now getting this error on two machines running Arch Linux (one under WSL). Perhaps after updating some package/s? Nothing really standing out, though. Vaultwarden Web and Bitwarden Mobile seem unaffected.
from rbw.
if you've tried a bunch of things the bitwarden server is probably blocking you from from trying to brute force a login. probably have to wait some time.
from rbw.
Having this issue on NixOS with rbw 1.11.1
. Weirdly was working fine until I updated my system, but I don't think rbw
updated. Tried rebooting, purging, logging in, and rolling back my system to a previous state, and nothing worked.
Edit: apologies, seen there's a new version bump, will update and try again.
from rbw.
Not at all! You can find it with rbw help
. The exact command is rbw stop-agent
. Try that, then purge, then login, then sync (not sure it's necessary but doesnt hurt). That should completely reset your connection to the Bitwarden vault
from rbw.
I do use conda (micromamba), though NixOS makes it a bit of a nightmare and you have to be running an impure state to do it. Rust might work (NixOS might fight me on this, too - definitely hopping back to Arch (btw) soon), but at this stage I'll just wait for new version to hit the repos. I really appreciate your help, though!
from rbw.
From what i understand, this is the code that fails : https://github.com/doy/rbw/blob/main/src/cipherstring.rs#L227-L229
So, with my low understanding, it seems related to the key used on his account, with either an incorrect key (corrupted sha256?), or the code in rbw
that checks it has an issue with his specific key.
from rbw.
We tried to downgrade rbw
version, without success.
We made a new user account, and rbw
does not have any issue with this new account.
It seems to indicate that his key was somehow kinda corrupted (but not that much as it was still working with vaultwarden web client).
I leave issue open in case you have an idea about what may have happen, but it sounds like a vaultwarden issue, nothing to do with rbw
's code.
from rbw.
glad to hear that it's working again - i'm not sure there's much i can do here without more information about how to reproduce the issue, but definitely let me know if it comes up again.
from rbw.
gnupg, gpgme, and pinentry were rebuilt against libassuan 3.0.0, but rbw unlock
seems to work fine.
from rbw.
Issue remains after downgrading those.
from rbw.
I have the same issue as @polyzen, also running arch. I started after I ran rbw sync
(I edited an entry on the Bitwarden app on my phone). After I run rbw purge
I get: rbw list: failed to log in to bitwarden instance: failed to parse JSON: EOF while parsing a value at line 1 column 0
. I use rbw 1.9.0, I don't use vaultwarden.
edited: added version info.
from rbw.
what version of vaultwaden are you all using? have you tried rolling it back?
from rbw.
rbw list: failed to log in to bitwarden instance: failed to parse JSON: EOF while parsing a value at line 1 column 0. I use rbw 1.9.0, I don't use vaultwarden.
Version 1.10.2 was released May 21 to resolve that.
The other two reporters mention they use vaultwarden.
from rbw.
I just tried the latest version (rbw 1.11.1) but the issue persists.
from rbw.
you need to kill the agent from the old version that is running. run rbw purge and login again.
from rbw.
Yeah I tried that as well (also did a reboot). The issue persists. I will send an update once I managed to solve it..
from rbw.
what version of vaultwaden are you all using? have you tried rolling it back?
Upgraded to 1.31.0 from 1.30.5 on July 8th, and restarted the system after. Have restarted the system several times since and used rbw on a daily basis. Have not tried rolling it back.
you need to kill the agent from the old version that is running. run rbw purge and login again.
Same issue after logging back in, syncing, and trying to get a password.
from rbw.
Same issue after logging back in, syncing, and trying to get a password.
that was not meant for the people having issues with vaultwarden. different issue.
did you try as OP did?
We made a new user account, and rbw does not have any issue with this new account.
?
from rbw.
- Installed rbw on a third machine
- Confirmed issue still occurs with my actual account
- Confirmed issue does not occur with a new account
from rbw.
I don't know much about vaultwarden but it may be your database schema didn't get updated on your account. I would suggest going to their project and figure out how to export and reimport fresh.
If you want to track it down. Make a backup and create a test environment and try rolling back vw versions and see if one works still.
from rbw.
Better yet, in the database, look for entries which have the key
column filled instead of NULL
from rbw.
I'm currently having this issue. rbw 1.11.1
trying to access secrets from bitwarden.
from rbw.
Yup, fixed after i ran a rbw purge
and logged back in. thank you!
from rbw.
@jacanchaplais you don't mention stopping the agent, did you do that before logging in again?
Otherwise for some of us it was necessary to switch to 1.12.1
, the first release was not enough. Maybe try again with that version?
from rbw.
Sorry to be dense, but how do I stop the agent? I tried finding a service called rbw using systemctl, and came up with nothing, so I guessed rebooting might do the trick. I'm guessing I'm missing something basic here?
from rbw.
Thanks for your patience! No joy, and looks like it hasn't updated in the Nix repos, so I guess I'll just have to stick with the bitwarden web client for now. :(
Terminal output
~ ❯ rbw stop-agent 6s 14:55:16
~ ❯ rbw purge 14:57:07
~ ❯ rbw login 14:57:14
~ ❯ rbw sync 12s 14:57:31
~ ❯ rbw list 14:57:35
WARN: failed to decrypt username: failed to decrypt: failed to decrypt encrypted secret: invalid mac
WARN: failed to decrypt password: failed to decrypt: failed to decrypt encrypted secret: invalid mac
WARN: failed to decrypt uri: failed to decrypt: failed to decrypt encrypted secret: invalid mac
rbw list: failed to decrypt: failed to decrypt encrypted secret: invalid mac
from rbw.
If you can use Rust, Jesse has uploaded the latest version on Crates.
If you can use Conda, we made a build for arch linux-64
.
from rbw.
Related Issues (20)
- HTTPS_PROXY being ignored
- `rbw code UUID` doesn't work with v1.10.0 HOT 2
- TOTP with different algorithm not supported
- `rbw unlock` not working. HOT 14
- Feature request: keep vault open indefinitely HOT 3
- How to debug failed logins? HOT 7
- Pinentry script not working with passwords containing spaces
- Pinentry script not working with 2fa codes
- Add Pinentry script auto setup
- Username or Password are incorrect. Try Again HOT 31
- Unable to `get` entries containing colons in the name HOT 1
- Decryption failed on long Ciphertexts HOT 2
- UUIDs for `edit`, `remove`, and `history` doesn't work
- API endpoint `/accounts/prelogin` to be removed from the official Bitwarden server HOT 3
- new version of 'rbw' struggles with lower case ([a-z]) TOTP secrets and ones with padding - trailing equal signs ('=') HOT 1
- Failed decrypt if only organizations used HOT 1
- request: add --sort-by option to "list" command HOT 1
- SSH-agent protocol HOT 1
- `rbw gen-completions ${shell}` fails for debug build HOT 1
- [question] usage in skripting for AWX Ansible?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rbw.