Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Keepass: invalid password #204

Open
thomas-mc-work opened this issue Oct 1, 2023 · 3 comments
Open

Keepass: invalid password #204

thomas-mc-work opened this issue Oct 1, 2023 · 3 comments

Comments

@thomas-mc-work
Copy link
Contributor

Hello,

I've encountered a strange issue. I want to import from an existing Keepass-Database using this command:

PASSWORD_STORE_DIR=$HOME/.local/share/gopass/stores/root pimport gopass keepassxc 'ecg.kdbx'

The respone is:

Password for ecg.kdbx: 
 [x] Error: invalid credentials, password encryption/decryption aborted.

I can open the file properly using KeePassXC (version 2.7.6 on Xubuntu 22.04.3) and the corresponding password. To verfiy the underlying library I wrote a small test application:

from pykeepass import PyKeePass

kp = PyKeePass('ecg.kdbx', password='123456')
for group in kp.groups:
    print(f'{group.path}')

This is working fine and print all existing groups as expected.

Has anybody an idea what's going wrong here? Can you give me instructions to debug the situation further? Thanks!
@glasseyes
Copy link

glasseyes commented Dec 13, 2023
edited

I think I've had the same issue on Ubuntu 22.04 using the 3.4-1 deb. The problem is at the export to (go)pass end rather than the import from keepassxc end.
I made a test csv to import to pass and it is the same

You can see a bit more by using the -vvv verbosity option.

Check if you have an expired version of your gpg key in a keyring that you used.

@koalp
Copy link

koalp commented Feb 9, 2024
edited

Hello,
I had the same issue because I did not trust the gpg key I used for my vault.
If you have the same issue, you can trust it using

gpg --edit-key KEY_ID
trust

@Mikilio
Copy link

Mikilio commented Mar 2, 2024

In my case, I received this error because pass was fine with the IDs from gpg --list-keys. However, this programs doesn't seem to like them because it relies on a command like this:

gpg --with-colons --batch --list-keys -- <id>

and the output of this with my provided ID for pass looked like this:

gpg: error reading key: No public key

And this apparently doesn't sit well with this program.

Now why exactly I get this error, I don't really want to talk about it, but the takeaway should be that to use this program you should use a gpgid in pass obtained by:

gpg --list-keys --keyid-format <SHORT or LONG>

These should be used without the algorithm's name, like cv25519, etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@glasseyes @thomas-mc-work @koalp @Mikilio