• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Extension Google-Authenticator

UHolthausen

UHolthausen

Regular Pleskian
Server operating system version
Debian 10.13
Plesk version and microupdate number
Plesk Obsidian Version 18.0.55
Hello

When I am on the plesk interface and the time for google-authenticator runs out, there is a syntaxerror, see screenshot

is this supposed to be like this, actually the screen of google-auth should be seen.
 

Attachments

  • google-auth.png
    google-auth.png
    411.5 KB · Views: 8
Hello

I'm sorry, perhaps too imprecisely described.

A certain number of days are set, e.g. 3 days, after which you have to identify yourself again.
If you are online exactly at the end of the three days, this crash occurs.

Of course, if you click on "Home", you are immediately on the right page and can authorise yourself.

Simply a beauty mistake
 
Do you mean the "Session Idle Time" setting in Tools & Settings > Security > Session Idle Time? Where do you set the "certain number of days"? Or is this about the "Remember device in days" field in the Google Authenticator extension setting? That should not have any influence on the current login status, it only defines that upon the next login, if the period has expired, you'll be prompted. Again, we'll need steps to reproduce instructions to being able to check it.
 
Hello Peter

The code is set for three days, after which a new code must be entered.
If you are online on the Plesk interface at the end of this time, the screen where you enter the code should actually appear. Instead, the syntax error appears, only by clicking on start page, the correct page appears.

german version:

eingestellt sind drei Tage, danach muss ein neuer Code eingegeben weden.
Ist man zum Ablauf dieser Zeit online auf der Pleskoberfläche, muss- sollte eigentlich der Screen erscheinen, wo man die Code eingibt. Stattdessen erscheint der Syntaxerror, erst durch einen Klick auf Startseite, kommt die korrekte Seite
 
Peter Debik said:
Do you mean the "Session Idle Time" setting in Tools & Settings > Security > Session Idle Time? Where do you set the "certain number of days"? Or is this about the "Remember device in days" field in the Google Authenticator extension setting?
Click to expand...
--> I still don't know WHERE you enter the "3 days".
 
Hello

here is a screenshot for the time period and online more than this period causing the syntax error. sorry, cant explain it better
 

Attachments

  • google_auth.png
    google_auth.png
    269.6 KB · Views: 3
Ah, o.k., this is the field you meant. I'll try to verify it here. It'll take a day or two ;-)
 
I've set-up a test server for it, but of course it also needed a very long session idle time so that the running session does not expire. I've set this to 2880 minutes (2 days) and the Google Authenticator "Remember device in days" to 1 day. I'll check tomorrow if this works.

So just to make sure I am getting you right: You leave your login "on" and your browser connected for more than three days in a row, so basically it is "always on"? And your session idle time is filled with what number of minutes then? It must be even larger, several thousands probably, right?
 
Hello

It is not necessary to be permanently online for the whole two days. It is possible to log in within these 2 days without renewed authentication. A new code is only required after the 2 days have elapsed. If you are online then, the syntax error mentioned occurs
 
O.k., I see. I should have seen the same symptom here, because I am basically online on a whole lot of 2FA protected Plesk servers all the time, so during the past years it should have occured sometimes that 2FA expires while I was still logged in. Considering the number of online states I generate daily the described error scenario seems to be quite rare. I am curious how it'll turn out tomorrow.
 
I was not able to confirm the issue. This morning I checked before the 1-day-deadline expired and everything was o.k., I was still logged in (I left the system in the "logged in" state overnight). Now, at 11 am, I checked again, which is 24 hours later, and I was logged out, but no error shown. It was just an ordinary logout. Upon a new login attempt, Google Authenticator asked me to provide the key, but again no error shown.

I think it is safe to conclude that the reported error page has a different cause.
 
Hello

Thank you very much, I will check the logs again for the next event, but I don't have much hope. So far I have not been able to find any abnormalities or clues.
 
You must log in or register to reply here.

Similar threads

N
Resolved Plesk MFA/Google Auth stopped working on version 18.0.64
Replies
4
Views
167
nogray
N
Hangover2
Forwarded to devs Advisor Extension Recommends Installing Unsupported Google Authenticator Extension
Replies
1
Views
340
Sebahat.hadzhi
Sebahat.hadzhi
P
Resolved Multi-Factor Authentication (MFA) extension does not remember device
Replies
10
Views
1K
pleskuser67553
P
P
Forwarded to devs Event 'CP User Login' triggered despite invalid additional authentication step (MFA)
Replies
2
Views
708
Kaspar@Plesk
Kaspar@Plesk
J.Wick
Resolved Plesk 18.0.61 Login Problem w/ Google Auth/MFA & Cloudflare
Replies
16
Views
2K
svehei
svehei
Back
Top