I'm running GitLab 10.2.2 and Two Factor Authentication (2FA) doesn't work at all. I shortly migrated and upgraded the GitLab instance. I just copied the old config/secrets.yml with the base key to its place. But even if I don't I should be able to activate 2FA.
When I try to activate 2FA, the logs says:
==> production.log <==
Started GET "/profile/two_factor_auth" for 87.138.100.36 at 2017-11-29 16:52:59 +0100
Processing by Profiles::TwoFactorAuthsController#show as HTML
Completed 500 Internal Server Error in 191ms (ActiveRecord: 4.1ms)
ArgumentError (must specify a key):
app/controllers/profiles/two_factor_auths_controller.rb:6:in `show'
lib/gitlab/i18n.rb:47:in `with_locale'
lib/gitlab/i18n.rb:53:in `with_user_locale'
app/controllers/application_controller.rb:340:in `set_locale'
lib/gitlab/middleware/multipart.rb:93:in `call'
lib/gitlab/request_profiler/middleware.rb:14:in `call'
lib/gitlab/middleware/go.rb:18:in `call'
lib/gitlab/etag_caching/middleware.rb:11:in `call'
lib/gitlab/middleware/read_only.rb:31:in `call'
lib/gitlab/request_context.rb:18:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:27:in `call'
Another user with already enabled 2FA can't login anymore with nearly the same error.
Does someone know how to fix it?
The solution was not that obvious. I updated libssl and libssl-dev to 1.1.0 (by sury). I uninstalled all Gems and reinstalled them. Some parts getting compiled again against the new libssl. And after that 2FA worked without an error.
# add sury APT repo
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
# update libssl
sudo apt-get install libssl libssl-dev
# uninstall all Gems
# https://stackoverflow.com/a/21385516/3898725
bundle list | ruby -e 'ARGF.readlines[1..-1].each {|l| g = l.split(" "); puts "Removing #{g[1]}"; `gem uninstall --force #{g[1]} -v #{g[2].gsub(/\(|\)/, "")}`; }'
# reinstall all gems (with MySQL)
sudo -u git -H bundle install --without postgres development test --deployment