Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug] Can't login to admin page Crypto/aes: invalid key size 13 #664

Open
Explosion-Scratch opened this issue Jan 26, 2024 · 2 comments
Open

[bug] Can't login to admin page Crypto/aes: invalid key size 13 #664

Explosion-Scratch opened this issue Jan 26, 2024 · 2 comments

Comments

@Explosion-Scratch
Copy link

Description of the bug

I've just set up filestash and I set an admin password which seemed to set correctly. After a about a minute of configuring the admin page after setting the admin password I was auto logged out and an "Oops" error appeared.

Step by step instructions to reproduce the bug

Can you replicate that error from the demo?

No, but I don't know the admin password

Observed behavior

Upon entering an incorrect I get {"status":"error","message":"Invalid Password"} (expected), but with the correct password I get the following:

{"status":"error","message":"Crypto/aes: invalid key size 13"}
POST
	https://[MY_DOMAIN]/admin/api/session
Request body: password: "correct password here"

Expected behavior

I can login

I've tried resetting the docker container multiple times but it doesn't work

config.json 
{
    "general": {
        "name": null,
        "port": null,
        "host": "drive.tjs.best",
        "secret_key": "password",
        "force_ssl": null,
        "editor": null,
        "fork_button": false,
        "logout": null,
        "display_hidden": null,
        "refresh_after_upload": null,
        "upload_button": null,
        "upload_pool_size": null,
        "filepage_default_view": null,
        "filepage_default_sort": null,
        "cookie_timeout": null,
        "custom_css": null
    },
    "features": {
        "api": {
            "enable": null,
            "api_key": null
        },
        "share": {
            "enable": null,
            "default_access": null,
            "redirect": null
        },
        "protection": {
            "iframe": null,
            "enable_chromecast": null,
            "zip_timeout": null,
            "ls_timeout": null,
            "enable": null,
            "disable_svg": null
        },
        "office": {
            "enable": null,
            "onlyoffice_server": null,
            "can_download": null
        },
        "server": {
            "console_enable": null
        },
        "search": {
            "explore_timeout": null
        },
        "video": {
            "blacklist_format": null,
            "enable_transcoder": null
        }
    },
    "log": {
        "enable": null,
        "level": null,
        "telemetry": null
    },
    "email": {
        "server": null,
        "port": null,
        "username": "tjs",
        "password": null,
        "from": null
    },
    "auth": {
        "admin": "$2y$12$gvsyv.kVu8laKZ3pnukq.ut/W8QVqrSamPMQbpYWLpaq/qWkYk3Em"
    },
    "middleware": {
        "identity_provider": {
            "type": "admin",
            "params": "3ckjRrguapOXaIzWceG1oIQeq-jwVZhAjzkUFycy3bxqF8CiUe2cUXz-ebmmTeFRZ6qtVQdS4HUycIOkOSzBvEdcUTbO0BSw3ontKwU0"
        },
        "attribute_mapping": {
            "related_backend": "nop"
        }
    },
    "constant": {
        "user": "filestash",
        "emacs": false,
        "pdftotext": false
    },
    "connections": [
        {
            "label": "SFTP",
            "type": "sftp"
        },
        {
            "label": "S3",
            "type": "s3"
        },
        {
            "label": "FTP",
            "type": "ftp"
        },
        {
            "label": "WebDAV",
            "type": "webdav"
        }
    ]
}
docker-compose.yml 
version: "2"
services:
  filestash:
    container_name: filestash
    image: machines/filestash:latest
    restart: unless-stopped
    environment:
      - APPLICATION_URL=${APP_DOMAIN}
      - GDRIVE_CLIENT_ID=${FILESTASH_GDRIVE_CLIENT_ID}
      - GDRIVE_CLIENT_SECRET=${FILESTASH_GDRIVE_CLIENT_SECRET}
      - DROPBOX_CLIENT_ID=${FILESTASH_DROPBOX_CLIENT_ID}
      - ONLYOFFICE_URL=http://filestash-onlyoffice
    volumes:
      - /home/myusername:/home/filestash
      - ${APP_DATA_DIR}/data:/app/data/state/
    ports:
      - ${APP_PORT}:8334
    depends_on:
      - filestash-onlyoffice
    networks:
      - tipi_main_network
    labels:
      # Main
      traefik.enable: true
      traefik.http.middlewares.filestash-web-redirect.redirectscheme.scheme: https
      traefik.http.services.filestash.loadbalancer.server.port: 8334
      # Web
      traefik.http.routers.filestash-insecure.rule: Host(`${APP_DOMAIN}`)
      traefik.http.routers.filestash-insecure.entrypoints: web
      traefik.http.routers.filestash-insecure.service: filestash
      traefik.http.routers.filestash-insecure.middlewares: filestash-web-redirect
      # Websecure
      traefik.http.routers.filestash.rule: Host(`${APP_DOMAIN}`)
      traefik.http.routers.filestash.entrypoints: websecure
      traefik.http.routers.filestash.service: filestash
      traefik.http.routers.filestash.tls.certresolver: myresolver
      # Local domain
      traefik.http.routers.filestash-local-insecure.rule: Host(`filestash.${LOCAL_DOMAIN}`)
      traefik.http.routers.filestash-local-insecure.entrypoints: web
      traefik.http.routers.filestash-local-insecure.service: filestash
      traefik.http.routers.filestash-local-insecure.middlewares: filestash-web-redirect
      # Local domain secure
      traefik.http.routers.filestash-local.rule: Host(`filestash.${LOCAL_DOMAIN}`)
      traefik.http.routers.filestash-local.entrypoints: websecure
      traefik.http.routers.filestash-local.service: filestash
      traefik.http.routers.filestash-local.tls: true

  filestash-onlyoffice:
    container_name: filestash_oods
    image: onlyoffice/documentserver:7.3.3.50
    restart: unless-stopped
    security_opt:
      - seccomp:unconfined
    networks:
      - tipi_main_network
@mickael-kerjean
Copy link
Owner 

{
    "general": {
        "name": null,
        "port": null,
        "host": "drive.tjs.best",
        "secret_key": "password",
        "force_ssl": null,
        "editor": null,
        "fork_button": false,

The secret key is randomly generated, if you try to tamper with this and don't follow the rules of how it get generated internally, you get all sort of weird issues like the one you described. At this stage your best is to remote the entire secret_key field and let Filestash regenerate a new one for you

@Explosion-Scratch
Copy link
Author 

{
    "general": {
        "name": null,
        "port": null,
        "host": "drive.tjs.best",
        "secret_key": "password",
        "force_ssl": null,
        "editor": null,
        "fork_button": false,

The secret key is randomly generated, if you try to tamper with this and don't follow the rules of how it get generated internally, you get all sort of weird issues like the one you described. At this stage your best is to remote the entire secret_key field and let Filestash regenerate a new one for you

I only changed it for the comment. This happens without doing anything to config

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mickael-kerjean @Explosion-Scratch