Authenticator problem

I’m trying to get gnome-authenticator running on my phone. I actually had it running before I had to re-flash my phone but now it will not run. Installs fine but does not execute. After running the flatpak command from the command line to see what’s going on I get this:

urism@pureos:~$ flatpak run com.belmoussaoui.Authenticator
2023-01-27T14:37:00.005782Z INFO authenticator::application: Authenticator (com.belmoussaoui.Authenticator)
2023-01-27T14:37:00.008669Z INFO authenticator::application: Version: 4.2.0 ()
2023-01-27T14:37:00.008705Z INFO authenticator::application: Datadir: /app/share/authenticator
2023-01-27T14:37:00.047142Z INFO authenticator::application: Migrating the secrets to the file backend
2023-01-27T14:37:00.170576Z ERROR authenticator::application: Failed to migrate your data Portal error Portal request was cancelled
thread ‘main’ panicked at ‘Failed to start a location service: Portal(CancelledPortalRequest)’, src/
note: run with RUST_BACKTRACE=1 environment variable to display a backtrace

Anyone have an idea what the issue is here?

note: I did run with the RUST_BACKTRACE=1 env variable which yielded no new information.

The gnome keyring doesn’t unlocks by it’s own on start as far a I know, try unlocking it using the app named Seahorse before launching it.

I loaded the Seahorse app and the icon for the default keyring shows it unlocked…but there wasn’t an entry for Authenticator…so I’m stumped.

Maybe you do not want to use oauth on the phone itself.

Sometimes you might start to use the phone connected to a dock like a desktop or a notebook. If you do so and you start to log into places using Authenticator running on the same cpu you loose your second factor.

You can work around that problem by e.g. using the LibremKey or a NitroKey to generate your access codes.

I taped an usb-a usb-c adaptor to my LibremKey to use it with the phone and with my notebook. Works like a charm and once I have the access I need I can disconnect it and the phone/computer I’m working on couldn’t be used to log in elsewhere.

There are also other cool gadgets to be used to generate the access codes like e.g. this :smile:.

So how would I use the librem key with a website looking for a 6 digit 2FA key?

It depends on the side and how it offers to configure TOTP.

You’d need the package nitrokey-app to configure the Librem/NitroKey.

I use nitrokey-authenticator to generate keys to log in, but that comes from Debian Bullseye Backports and doesn’t seem to be available in the PureOS repo.

Bildschirmfoto von 2023-01-29 10-42-52

But it also works with the nitrokey-app.

Bildschirmfoto von 2023-01-29 10-41-39

The gpg key on my LibremKey is used to unlock my pass password store passwords and to open my tomb containing the files (pass-extension-tomb).

That’s great and all but it doesn’t solve my issue with Authenticator not launching.

True, but could have been that your issue would not have been relevant anymore (social workaround :grey_question: :wink:).

Another try: authenticator starts fine on my Librem5 (still being used as a 2nd factor to check on the integrity of my Librem14):

  Installiert:           3.32.2+dfsg1-2
  Installationskandidat: 3.32.2+dfsg1-2

The problem seems to be related to the flatpak. Is there a reason you need to use the flatpak instead of the PureOS/Debian package?

The error from the flatpak version of gnome-authenticator made me suspect some dbus component was missing our out of date.

After a bit of looking I noticed the version of gnome-keyring in PureOS is pretty old at 3.36 (which was in Debian in 2020). I tried the flatpak version 4.2.0 of gnome-authenticator on desktop Debian and Mobian which worked, and but both of those have gnome-keyring 3.42.

I rebuilt the Debian 3.42 source package of gnome-keyring for PureOS byzantium and installed it on the phone, and after that the gnome-authenticator flatpak loaded.