Bitwarden Android Beta (2024.12.0 (19597)) fails to sync with SSH keys #5322
Comments
|
Vaultwarden doesn't have anything special for this except that it returns the json blob exactly as received. It probably means the stored data is not valid i think. But i haven't checked it. Does the fingerprint show in the desktop client? |
|
Yes, on desktop client with Linux and Windows SSH key features (add, list, edit, etc...) works well. |
|
Could you check the database for this specific key and what is in the data column? |
|
Here is the data for the SSH key row. |
|
Not sure how your export was done because of the double Ill have to check my self how this is returned to the client then. |
|
I've corrected it by changing the export format. |
|
You could try to install the dev version of the Android client which should output the request and response data of the http call. Which in turn should show if the data is there or not. |
|
I completely wiped all SSH key rows from the database and reimported keys, and the symptoms disappeared. |
|
hi there. I'm having the same problem and I've found the cause of it here's a log from the app: turns out that either way, I don't think it makes sense for the backend to allow such keys, since clients will reject anything that appears to be an invalid key |
|
The problem is, that we actually do not care what the data object is and how this is formed. The main reason for us to not care on what the clients are sending as data blob, is that new features or additions which are done via that data blob will just work out-of-the-box, without us having to update it every time. It has the downside of these kind of issue. What we currently do is fix the output of the sync. But, yes this is because of the clients not sending the correct data back to the server, and could be a faulty client indeed. |
If any of the mandatory ssh-key json data values are not a string or are an empty string, this will break the mobile clients. This commit fixes this by checking if any of the values are missing or invalid and converts the json data to `null`. It will ensure the clients can sync and show the vault. Fixes dani-garcia#5343 Fixes dani-garcia#5322 Signed-off-by: BlackDex <black.dex@gmail.com>
* Refactor the uri match change Refactored the uri match fix to also convert numbers within a string to an int. If it fails it will be null. Signed-off-by: BlackDex <black.dex@gmail.com> * Fix ssh-key sync issues If any of the mandatory ssh-key json data values are not a string or are an empty string, this will break the mobile clients. This commit fixes this by checking if any of the values are missing or invalid and converts the json data to `null`. It will ensure the clients can sync and show the vault. Fixes #5343 Fixes #5322 Signed-off-by: BlackDex <black.dex@gmail.com> --------- Signed-off-by: BlackDex <black.dex@gmail.com>
Vaultwarden Support String
Your environment (Generated via diagnostics page)
EXPERIMENTAL_CLIENT_FEATURE_FLAGS=ssh-key-vault-item,ssh-agent
Config & Details (Generated via diagnostics page)
Show Config & Details
Environment settings which are overridden: ADMIN_TOKEN
Config:
{ "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "**********://********************,*********************************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://***************************", "domain_origin": "*****://***************************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "ssh-key-vault-item,ssh-agent", "extended_logging": true, "helo_name": null, "hibp_api_key": "***", "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": false, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "warn", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": false, "password_iterations": 600000, "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "*****************", "smtp_from_name": "Vaultwarden", "smtp_host": "********************", "smtp_password": "***", "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "*******", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null }Vaultwarden Build Version
v1.32.7
Deployment method
Official Container Image
Custom deployment method
No response
Reverse Proxy
nginx/1.27.2
Host/Server Operating System
Linux
Operating System Version
6.12.4-arch1-1 x86_64 GNU/Linux
Clients
Android
Client Version
Android Beta 2024.12.0 (19597)
Steps To Reproduce
Expected Result
Sync success
Actual Result
Sync failed
Logs
Bitwarden Android Beta:
adb logcatlogThe log reports
Network Error: https://api.bitwarden.com/syncbut I'm connecting to Vaultwarden so that can be ignored.Screenshots or Videos
No response
Additional Context
Details
Bitwarden Android Beta requires
ciphers.sshKey.keyFingerprint, but Vaultwarden's/api/syncdoes not return this property.This bug does not occur if the SSH key is not in the vault.
Vaultwarden's SSH key feature works well with the Desktop client.
The text was updated successfully, but these errors were encountered: