Unknown error while logging in. "The key {57f6aac5-0b7b-48a3-8606-5276382d14d9} was not found in the key ring."

I imported my vault from another installation and got the red box Unknown error when I tried to log in. This was after putting in user/pass but before 2FA. This error is in bwdata-logs-identity-Identity-20230809.txt

[Fatal] Unhandled exception: “The key {57f6aac5-0b7b-48a3-8606-5276382d14d9} was not found in the key ring. For more information go to GitHub - dotnet/aspnetcore: ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.”
System.Security.Cryptography.CryptographicException: The key {57f6aac5-0b7b-48a3-8606-5276382d14d9} was not found in the key ring. For more information go to GitHub - dotnet/aspnetcore: ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux. at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)

This is on Arch Linux. Am I just missing a gpg key? There are Microsoft.AspNetCore errors following it. Thanks!
Koset

I seem to have found a workaround. I rebuilt the whole installation and instead of importing the whole vault, I just imported my user account.

Anyone else have a better solution? The above is not viable for anything larger than a single user installation.

Why downvote? Just because the workaround is too burdensome for you, it probably is pretty useful for many.

I have found a solution to the problem. You need to copy over keys from bwdata/core/aspnet-dataprotection to your new server. Not all of Bitwarden’s secret material is within the MSSQL database.

If this is Kubernetes, you need to drop this into the PVC that’s holding your bitwarden-self-host-dataprotection PVC. This can be done through going into the identity container which has it mounted: kubectl exec -it <identity pod name> -- bash and cd into /etc/bitwarden/core/aspnet-dataprotection and paste the keys there. chown them for the bitwarden user and chmod 600 the keys too. This avoids having to do a full database import.

Re the downvote, I’m sure you’re a nice person, I don’t mean to offend you. It was directed at the unscalability of the solution not the human behind the answer.

I’m not offended. The problem is that most discussion forums (including this one) accumulate up/down votes towards the account, affecting the person’s reputation. So I tend to reserve downvotes for things that are harmful, offensive, or wrong.

We are fortunate to now have two solutions:

@koset’s has the advantage of not requiring OS-level knowledge and being available a year earlier.

@abc’s has the advantage of not depending upon a potentially out-dated export.

Since both solutions work (for their respective audiences), I feel that both deserve a thumbs-up.

You raise a point. I don’t care enough myself for these forums due to infrequent posting, but have given you two thumbs up for the trouble.

Interesting concept, nonetheless. So if your solution is for someone else not enough, your solution should get a downvote?