ok just rolled our creds.

any other instance admins feel free to reach out to me if you're having issues with the key change process!

@sharktopus any issues with turning 2FA back on at the user level? Mine is bombing.

@pylorns those are the only keys I didn't roll because I was worried about locking users out accidentally. I'd just try to revert to the old values for now

@sharktopus nope didn’t lock anyone out, got that working as I turned it off for everyone. Buutttt now we can’t turn it back on.

@pylorns the original patch instructions? can you link me to the script if its public?


from @href

non-docker: "User.update_all(otp_required_for_login: false, encrypted_otp_secret: nil)"

So a more correct SQL query would be for you to run now

UPDATE users SET encrypted_otp_secret = null WHERE encrypted_otp_secret IS NOT NULL

to totally erase the otp config.

@pylorns @href ah ok, and you're getting error output or it just doesnt save the secret value? how in particular is it not turning on?

It just says "we're sorry we;re having trouble" - when you go to preferences and try to turn it on. I haven't dug any deeper. I put a new key in my config, but no dice. Haven't spent any more time on it today though.

@pylorns yeah so there should be an error getting logged somewhere, I run rollbar and send my exceptions/errors to a third party aggregator but there's probably a simple way to enable local console output if it's not there already

just need some more info on what exactly is causing the issue, I don't see anything obvious in the code ive checked that would be blowing up just by setting that field to null

@sharktopus Yeah I'm going to trouble shoot more tomorrow.

Sign in to participate in the conversation is a paid signup Mastodon instance funded directly by users purchasing accounts for just $5. An inexpensive alternative to free signup platforms, we impose direct economic cost on trolls who want to avoid blocks by creating many accounts. This instance will actively respond to any problematic users.