Significant issue with 2fa
-
@fbartels Well, nuts.
It looks like it is the server thats out of date.
Server is in Germany.Its 20 UTC according to that CLI, but according to
https://time.is/Germany at 4:16 ET it is 10:16 PM Germany time
https://en.wikipedia.org/wiki/Time-based_One-Time_Password
Its in the name
But to be honest more services should fail because of time drifts between client and servers. That they dont fail just means that the applications are creating sessions with too long lifetimes.
-
@privsec So I disabled system Ctl and installed ntp, but it still showing wrong, any pointers?
-
https://en.wikipedia.org/wiki/Time-based_One-Time_Password
Its in the name
But to be honest more services should fail because of time drifts between client and servers. That they dont fail just means that the applications are creating sessions with too long lifetimes.
@fbartels So I may be lied to about the whereabouts of my server hosting, and ill have to discuss that, as I just ran through this https://www.edmundofuentes.com/blog/2018/11/19/enable-ntp-ubuntu-18-04/
ntpd: time slew +0.010236 sSo my server does not actually seem to be the cause of the problem here
-
@fbartels So I may be lied to about the whereabouts of my server hosting, and ill have to discuss that, as I just ran through this https://www.edmundofuentes.com/blog/2018/11/19/enable-ntp-ubuntu-18-04/
ntpd: time slew +0.010236 sSo my server does not actually seem to be the cause of the problem here
-
I have submitted a help desk ticket, I am at a loss here. I dont know whats wrong with this.
-
@privsec could it be that systemd nowadays slowly adjusts the leak to prevent time jumps?
So is the
drivetime drift reducing? -
@privsec having the server in UTC is correct. For things like backups and update schedules, you can set the timezone via the dashboard, but this would not affect the server's time setting as reported by timedatectl From you thread so far, I lost track if you have an issue with the time being off by that much or not? TOTP mostly has some 1minute timeframe, so the time drift would be quite big.
Besides that, the root cause could also be that the bitwarden app as such is running on the wrong timezone? You could try to get the time the app sees when using the webterminal into the app from the Cloudron dashboard.
-
@privsec having the server in UTC is correct. For things like backups and update schedules, you can set the timezone via the dashboard, but this would not affect the server's time setting as reported by timedatectl From you thread so far, I lost track if you have an issue with the time being off by that much or not? TOTP mostly has some 1minute timeframe, so the time drift would be quite big.
Besides that, the root cause could also be that the bitwarden app as such is running on the wrong timezone? You could try to get the time the app sees when using the webterminal into the app from the Cloudron dashboard.
@nebulon
At 1:58pm EST, the Bitwarden app sees the date as
Which according to http://www.timebie.com/timezone/universalgermany.php
Is almost 8pm In Germany, and according to
https://time.is/Germany
This is accurate
I use 2fa within bitwarden for apps and services such as github and social media and streaming services.
I need the 2fa functionality to work.
-
You can disable 2FA for a user using the instructions here - https://docs.cloudron.io/user-management/#disable-2fa .
-
