After upgrading to Nextcloud Vers. 21, logged-in users are always logged out after a few minutes (==> Fido2/webauthn ! Users only)

After upgrading to Nextcloud Vers. 21, logged-in users are always logged out after a few minutes. Does anyone have a clue about this? Are there others with the same problem?

This problem did not exist before.

We have users who log in via the TOTP procedure and users who log in via U2F and Fido2.

Nextcloud Version 21.0.1
PhP Version: 7.3.16

I personally cannot replicate that problem on my server. Are there any errors listed in the Nextcloud log file? Is the system clock synced via NTP?

This is what I found quickly

We were able to narrow it down. There seems to be a problem with users who use security keys for login.
We have a lot of Yubico Fido2 keys in use at our training centre.

Over half of our staff use the keys and now have a real problem. They are logged out of the system after a few minutes. We have been able to use the sticks for about 6 months without any problems.
Users with TOTP login as 2nd factor are not affected.

If this is a bug, then I really ask that it be solved quickly. Please

See Logintoken are Invalidated 21.0.1 · Issue #26502 · nextcloud/server · GitHub


Thanks for the hint,…was already looking in Github :+1:

This seems to be a really big problem! I wonder why no one seems to be working on the solution yet. This is not a common bug…so far there is no feedback at all

Login via Webauth device dosent work. The issue regarding Wewbauthn has worsened since the last update 21.0.2. Webauthn login generally no longer works.
user son1c opened a new bug report about this 2 weeks ago.
Please use the reaction to show that you are affected by the same issue.

Add a Webauth device to a user (a Yubikey)
Login with the Webauth device
1 Like

it looks number of problems are related to webauthn login

I am really increasingly very surprised about the actions of Nextcloud. In my opinion, this is a major problem and should be solved as quickly as possible. Instead, we now have NC 21.0.2 and the issue has even gotten worse. I don’t even know if the developers are addressing the issue. That alone would be reassuring to know. In Nextcloud 19, this feature was very strongly advertised! It doesn’t seem to be a high priority. I’m very curious to see if NC 21.0.3 solves the problem.

1 Like