Support

UNiTE, Remote CLI, eXtract Wizard

#28818 Remote CLI error #36

Posted in ‘UNiTE and Remote CLI’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

PHP version
n/a
Tool
UNiTE
Tool version
n/a

Latest post by on Wednesday, 03 January 2018 17:17 CST

jtalbot
I didn't notice until now, but remote CLI stopped working on September 19 (2017) (was working fine for years before that). Here is the log I see:

php "...\remote.phar" --action=test --nocolor --host=https://www. ... .com --secret=...
Akeeba Remote Control CLI 1.3 (2016-10-11)
Copyright -®2008-2016 Nicholas K. Dionysopoulos / AkeebaBackup.com
--------------------------------------------------------------------------------
This program comes with ABSOLUTELY NO WARRANTY. This is Free Software and you
are welcome to redistribute it under certain conditions. Use command line
option --license for details.
--------------------------------------------------------------------------------

===============================================================================
ERROR:
Error #36: Your server does not seem to be compatible with Remote Control
===============================================================================

I turned off SEF on the site (using Joomla Global Configuration SEO settings) and re-ran the test and the result was the same.

I tried opening https://www. ... .com/index.php?option=com_akeeba&view=json directly in a web browser and got:
###{"encapsulation":1,"body":{"status":500,"data":"\"JSON decoding error\""}}###

(with or without SEF turned on)

I am using shared hostgator hosting, Joomla 3.7.5, php 5.6.30.

jtalbot
Just some additional info:

I use my own component using joomla's json and that works fine:
https://www. ... .com/index.php?option=com_mycomponent&task=mytask&format=json

nicholas
Akeeba Staff
Manager
You are making incorrect assumptions. When you are accessing the /index.php?option=com_akeeba&view=json URL directly without a JSON-encoded, encrypted message to the backup engine you are supposed to get the nondescript error message "JSON decoding error". This is the same error you would get if the encrypted message was using the wrong secret key or contained invalid data. This is done on purpose for security reasons. As we said in August 2014 this change mitigates a Padding Oracle vulnerability which had been present in the JSON API's cryptography. That and the enforced complexity of the secret key keep you safe.

Which brings us back to what could possibly be wrong. The message returned by Akeeba Remote CLI tells you that it cannot communicate properly with your server.

First of all, your site is HTTPS. Most likely you are using a modern SSL certificate with SHA-256 signatures and / or a server which tries to force TLS 1.1 or later. This is great and secure. However, does your local PHP installation support them? :) It'd need to have been compiled against new (less than 18 months old) versions of libcurl and openssl.

Another thing is the cryptography used to communicate to the site. Both the machine of Remote CLI (client) and the server of your site (server) must support Rijndael-128 encryption through the mcrypt or OpenSSL module for PHP. If either was updated and no longer supports that you're out of luck.

So I'd first try to update the PHP on the machine you are running Remote CLI from.

You already checked if a SEF component gets in the way? I am unsure if you tried using Remote CLI after disabling SEF. You should try it anyway.

Moreover, there could be a web server module (like mod_security2) or an extension on Joomla! which modifies the JSON payload sent by Remote CLI or completely blocks the request. You can pass the --verbose flag to see the raw server response. If the server rejects the request you will see "cURL error" printed under the URL. If it's a soft error, i.e. you have the wrong secret key or an encryption failure, you will see something like this:
Raw Response: {"encapsulation":1,"body":{"status":401,"data":"\"Authentication failed\""}}
Parsed Result: stdClass Object
(
    [encapsulation] => 1
    [body] => stdClass Object
        (
            [status] => 401
            [data] => "Authentication failed"
        )

)

This will at least help you narrow down the issue.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!