Steps to reproduce
- TOTP 0.7.2 activated on OC 10.7.0.4 and used for years. All a sudden, I got authentication errors and could not log in to my admin account
- I had to log in on console on the server and disable the app for my user ID to go through
- Reactivated the app from the web console to get a new QR code to register with FreeOTP, or Google Authenticator.
Expected behaviour
Code verified and and 2FA registred with the app
Actual behaviour
I keep getting ‘Code not verified’, so I cannot use anymore the app
Server configuration
Operating system:
Ubuntu 18.04 LTS
Web server:
Apache 2.4.29
Database:
Mysql 5.7.34
PHP version:
PHP 7.2.24
ownCloud version: (see ownCloud admin page)
10.7.0.4
Updated from an older ownCloud or fresh install:
10.6.0.5
Where did you install ownCloud from:
Owncloud web site
Signing status (ownCloud 9.0 and above):
No errors have been found.
Login as admin user into your ownCloud and access
http://example.com/index.php/settings/integrity/failed
paste the results into https://gist.github.com/ and puth the link here.
The content of config/config.php:
Log in to the web-UI with an administrator account and click on
'admin' -> 'Generate Config Report' -> 'Download ownCloud config report'
This report includes the config.php settings, the list of activated apps
and other details in a well sanitized form.
or
If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder
*ATTENTION:* Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to dilligently
remove *all* host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.
List of activated apps:
If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.
Enabled:
- activity:
- Version: 2.6.0
- Path: /var/www/html/owncloud/apps-external/activity
- afterlogic:
- Version: 1.2.3
- Path: /var/www/html/owncloud/apps-external/afterlogic
- announcementcenter:
- Version: 1.2.2
- Path: /var/www/html/owncloud/apps-external/announcementcenter
- bookmarks:
- Version: 0.10.6
- Path: /var/www/html/owncloud/apps-external/bookmarks
- brute_force_protection:
- Version: 1.1.0
- Path: /var/www/html/owncloud/apps-external/brute_force_protection
- calendar:
- Version: 1.6.4
- Path: /var/www/html/owncloud/apps-external/calendar
- carnet:
- Version: 0.19.1
- Path: /var/www/html/owncloud/apps-external/carnet
- checksum:
- Version: 0.3.5
- Path: /var/www/html/owncloud/apps-external/checksum
- comments:
- Version: 0.3.0
- Path: /var/www/html/owncloud/apps/comments
- configreport:
- Version: 0.2.0
- Path: /var/www/html/owncloud/apps/configreport
- contacts:
- Version: 1.5.5
- Path: /var/www/html/owncloud/apps-external/contacts
- customgroups:
- Version: 0.6.2
- Path: /var/www/html/owncloud/apps-external/customgroups
- dav:
- Version: 0.6.0
- Path: /var/www/html/owncloud/apps/dav
- drawio:
- Version: 0.0.9
- Path: /var/www/html/owncloud/apps-external/drawio
- external:
- Version: 1.4.0
- Path: /var/www/html/owncloud/apps/external
- extract:
- Version: 1.2.4
- Path: /var/www/html/owncloud/apps-external/extract
- federatedfilesharing:
- Version: 0.5.0
- Path: /var/www/html/owncloud/apps/federatedfilesharing
- federation:
- Version: 0.1.0
- Path: /var/www/html/owncloud/apps/federation
- files:
- Version: 1.5.2
- Path: /var/www/html/owncloud/apps/files
- files_antivirus:
- Version: 1.0.0
- Path: /var/www/html/owncloud/apps-external/files_antivirus
- files_clipboard:
- Version: 1.0.3
- Path: /var/www/html/owncloud/apps-external/files_clipboard
- files_external:
- Version: 0.7.1
- Path: /var/www/html/owncloud/apps/files_external
- files_external_dropbox:
- Version: 1.2.0
- Path: /var/www/html/owncloud/apps-external/files_external_dropbox
- files_external_ftp:
- Version: 0.2.1
- Path: /var/www/html/owncloud/apps-external/files_external_ftp
- files_external_s3:
- Version: 1.0.0
- Path: /var/www/html/owncloud/apps-external/files_external_s3
- files_mediaviewer:
- Version: 1.0.4
- Path: /var/www/html/owncloud/apps/files_mediaviewer
- files_pdfviewer:
- Version: 1.0.0
- Path: /var/www/html/owncloud/apps-external/files_pdfviewer
- files_primary_s3:
- Version: 1.1.2
- Path: /var/www/html/owncloud/apps-external/files_primary_s3
- files_sharing:
- Version: 0.14.0
- Path: /var/www/html/owncloud/apps/files_sharing
- files_texteditor:
- Version: 2.3.1
- Path: /var/www/html/owncloud/apps-external/files_texteditor
- files_trashbin:
- Version: 0.9.1
- Path: /var/www/html/owncloud/apps/files_trashbin
- files_versions:
- Version: 1.3.0
- Path: /var/www/html/owncloud/apps/files_versions
- files_videoplayer:
- Version: 0.10.1
- Path: /var/www/html/owncloud/apps/files_videoplayer
- firstrunwizard:
- Version: 1.2.0
- Path: /var/www/html/owncloud/apps/firstrunwizard
- gallery:
- Version: 16.1.1
- Path: /var/www/html/owncloud/apps-external/gallery
- guests:
- Version: 0.9.3
- Path: /var/www/html/owncloud/apps-external/guests
- impersonate:
- Version: 0.5.0
- Path: /var/www/html/owncloud/apps-external/impersonate
- market:
- Version: 0.6.1
- Path: /var/www/html/owncloud/apps-external/market
- music:
- Version: 1.3.2
- Path: /var/www/html/owncloud/apps-external/music
- notes:
- Version: 2.0.6
- Path: /var/www/html/owncloud/apps-external/notes
- notifications:
- Version: 0.5.2
- Path: /var/www/html/owncloud/apps/notifications
- oauth2:
- Version: 0.5.0
- Path: /var/www/html/owncloud/apps-external/oauth2
- onlyoffice:
- Version: 7.1.1
- Path: /var/www/html/owncloud/apps-external/onlyoffice
- password_policy:
- Version: 2.1.2
- Path: /var/www/html/owncloud/apps-external/password_policy
- provisioning_api:
- Version: 0.5.0
- Path: /var/www/html/owncloud/apps/provisioning_api
- systemtags:
- Version: 0.3.0
- Path: /var/www/html/owncloud/apps/systemtags
- tasks:
- Version: 0.9.7
- Path: /var/www/html/owncloud/apps-external/tasks
- templateeditor:
- Version: 0.4.0
- Path: /var/www/html/owncloud/apps-external/templateeditor
- twofactor_totp:
- Version: 0.7.2
- Path: /var/www/html/owncloud/apps-external/twofactor_totp
- updatenotification:
- Version: 0.2.1
- Path: /var/www/html/owncloud/apps/updatenotification
- web:
- Version: 3.4.1
- Path: /var/www/html/owncloud/apps-external/web
Disabled:
- encryption:
- Path: /var/www/html/owncloud/apps/encryption
- user_external:
- Path: /var/www/html/owncloud/apps/user_external
Are you using external storage, if yes which one: local/smb/sftp/…
Are you using encryption: yes/no
no
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…
no
LDAP configuration (delete this part if not used)
With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your ownCloud installation folder
Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';
Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.
Client configuration
Browser:
Firefox latest, Chrome, latest
Operating system:
Windows, Ubuntu
Logs
Web server error log
Insert your webserver log here
ownCloud log (data/owncloud.log)
Insert your ownCloud log here
Browser log
Insert your browser log here, this could for example include:
a) The javascript console log
b) The network log
c) ...