Bug #14060
closedAuto Config Backup prints a confusing decryption error when using the wrong key
100%
Description
Enable auto config backup from the menu after entering (any) password, save, then disable (uncheck) "Enable ACB" and save on settings tab. Go to restore tab and enter a device key from different system and click submit. Backups are visible from device which key originated, "Restore this revision" and "show info" buttons do not produce desired effect. Attempting to restore produces the following output, we have identified that the initial SHA256 value in the latter part of the returned error is consistent across devices
<SHA256 values do not match, cannot restore. 116b898ea650a7cb25b3822c3709051ae25d27ce320b5bb8cab6a9e002b87860>
Files
Updated by Jim Pingle almost 2 years ago
- Status changed from New to In Progress
- Assignee set to Jim Pingle
- Target version set to 2.7.0
- Private changed from Yes to No
- Plus Target Version set to 23.05
- Affected Plus Version changed from 23.05 to 23.01
It just can't decrypt the config because it isn't using the right encryption key. If you set the correct key then you can view and restore from the other system. Though the error checking isn't reporting that properly, so it could be improved there.
I have a fix.
Updated by Jim Pingle almost 2 years ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset pfsense:5efa3d459f07382c8ab9d487775f07cb1114e212.
Updated by Jordan G almost 2 years ago
that looks better, when I do the same thing I get the following now with that patch applied to 23.01
__
The following input errors were detected:
Could not decrypt config.xml. Check the encryption key and try again: Could not decrypt. Different encryption key?__
Updated by Georgiy Tyutyunnik almost 2 years ago
Tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
patch resolves the issue
Updated by Jim Pingle over 1 year ago
- Project changed from pfSense Packages to pfSense
- Subject changed from Auto Config Backup - decrypted config.xml is under 50 characters to Auto Config Backup prints a confusing decryption error when using the wrong key
- Category changed from AutoConfigBackup to Auto Configuration Backup
- Affected Plus Version deleted (
23.01) - Release Notes set to Default