Encryption module is not able to read file #1226

Closed
fossxplorer opened this issue Sep 1, 2016 · 3 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug feature: encryption (server-side) stale Ticket or PR with no recent activity

fossxplorer commented Sep 1, 2016

We do have a serious issue where the files are inaccessible due to an encryption key issue. This affects us severely and we are really hoping to get some help.
The issue is with the encryption module being unable to read/decrypt files:
"reqId":"V8UbhPdwa8bN6xxAGYQlvgAAAAk","remoteAddr":"N.N.N.N","app":"no app in context","message":"Exception: {"Exception":"OC\Encryption\Exceptions\DecryptionFailedException","Message":"Encryption module "Default encryption module" is not able to read
app":"webdav","message":"Exception: {"Message":"HTTP/1.1 503 Encryption not ready: Private Key missing for user: please try to log-out and log-in again"

The web UI login warns about "Invalid private key for Encryption app. Please update your private key password in your personal settings."
In the personal settings change password field I can see: "your private key password no longer matches your log-in password."
Attempt to update private key password hangs with "save in progress".

Steps to reproduce

1. Change password for a user on an oC instance with encryption enabled.
2. Login and enter password to update private key.
3. Sync data using the client and get 503/operation fails.

Expected behaviour

Tell us what should happen

Actual behaviour

Tell us what happens instead

Server configuration

Operating system:
Centos 6.7
Web server:
Nginx reverse proxy + Apache 2.4
Database:
MariaDB 10.0
PHP version:
5.6.23
ownCloud version: (see ownCloud admin page)
stable9
Updated from an older ownCloud or fresh install:

Where did you install ownCloud from:
git stable9

"system": {
    "instanceid": "",
    "passwordsalt": "REMOVED SENSITIVE VALUE",
    "secret": "REMOVED SENSITIVE VALUE",
    "trusted_domains": [
        "sub.example.com",
        "www.sub.example.com"
    ],
    "datadirectory": "/home/sub.example.com/data",
    "dbtype": "mysql",
    "version": "9.0.5.0",
    "dbname": "oc_01",
    "dbhost": "sub.example.com",
    "dbtableprefix": "oc_",
    "dbuser": "REMOVED SENSITIVE VALUE",
    "dbpassword": "REMOVED SENSITIVE VALUE",
    "logtimezone": "UTC",
    "installed": true,
    "apps_paths": [
        {
            "path": "/home/sub.example.com/apps",
            "url": "/apps",
            "writable": true
        },
    ],
    "filesystem_check_changes": 0,
    "memcache.local": "\OC\Memcache\APCu",
    "filelocking.enabled": true,
    "memcache.locking": "\OC\Memcache\Redis",
    "redis": {
        "host": "N.N.N.N",
        "port": 6379
    },
    "theme": "custom",
    "maintenance": false,
    "loglevel": 0,
    "mail_smtpmode": "php",
    "trashbin_retention_obligation": "auto",
    "singleuser": false
}

Are you using external storage, if yes which one: none

Are you using encryption: yes

Are you using an external user-backend, if yes which one: None

Any help to get back access to the users' files is highly appreciated!

Thanks!

@schiessle

@MorrisJobke MorrisJobke added bug feature: encryption (server-side) 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Sep 1, 2016
fossxplorer commented Sep 1, 2016

Tried to decrypt the files using occ:
php56m-cli occ encryption:decrypt-all
Disable server side encryption... done.

You are about to start to decrypt all files stored in your ownCloud.
It will depend on the encryption module and your setup if this is possible.
Depending on the number and size of your files this can take some time
Please make sure that no user access his files during this process!

Do you really want to continue? (y/n) y
prepare encryption modules...

Prepare "Default encryption module"

You can only decrypt the files of all users if the
recovery key is enabled by the admin and activated by the users.

Please enter the recovery key password:

[Symfony\Component\Console\Exception\RuntimeException]
Unable to hide the response.

encryption:decrypt-all []

@schiessle
Member

Did the user (or the admin) change the password of the user account? If you use the native Nextcloud user back-end this should also update the user's private key. Did you try to follow the information and update the user's private key by entering the old and the new login password in the personal settings?

fossxplorer commented Oct 12, 2016

Obviously the user himself had changed the password multiple times (I think twice). So we tried to enter old and new password, using the 2 generations of passwords. It never worked and we ended up restoring from backup and re-sync. Now we've turned off the oC/NC encryption and will never use it.
Without enabling the recovery option in admin sections, the risk is too high of losing data with the encryption :(
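
A simplified model of the failure mode discussed in this thread, added here as an illustration; it is not ownCloud/Nextcloud code and does not use its key format. It assumes the user's private key is stored wrapped under a key derived from the login password, uses a SHAKE-256 keystream with HMAC as a standard-library stand-in for a real cipher, and models the recovery option as a second wrapped copy, which is a simplification. All passwords and function names are constructed.

```python
import hashlib, hmac, os

def _keys(password: str, salt: bytes):
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]  # (encryption key, MAC key)

def _xor(data: bytes, enc_key: bytes) -> bytes:
    # SHAKE-256 keystream: stdlib stand-in for a real cipher, acceptable here only
    # because every wrap uses a fresh random salt and therefore a fresh key.
    stream = hashlib.shake_256(enc_key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(private_key: bytes, password: str) -> bytes:
    salt = os.urandom(16)
    enc_key, mac_key = _keys(password, salt)
    ct = _xor(private_key, enc_key)
    return salt + hmac.new(mac_key, salt + ct, hashlib.sha256).digest() + ct

def unwrap(blob: bytes, password: str) -> bytes:
    salt, tag, ct = blob[:16], blob[16:48], blob[48:]
    enc_key, mac_key = _keys(password, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("private key does not open with this password")
    return _xor(ct, enc_key)

def opens(blob: bytes, password: str) -> bool:
    try:
        unwrap(blob, password)
        return True
    except ValueError:
        return False

def scenario() -> dict:
    private_key = os.urandom(32)                    # constructed stand-in for the user's key
    blob = wrap(private_key, "pw-1")                # wrapped under the first password
    recovery = wrap(private_key, "admin-recovery")  # exists only if enabled beforehand
    # The login password changes pw-1 -> pw-2 -> pw-3; the blob is never rewrapped.
    out = {"login_pw3": opens(blob, "pw-3"),        # current login password
           "old_pw2": opens(blob, "pw-2"),          # most recent old password
           "old_pw1": opens(blob, "pw-1")}          # password the blob was wrapped under
    blob = wrap(unwrap(blob, "pw-1"), "pw-3")       # the repair: rewrap for pw-3
    out["after_repair"] = opens(blob, "pw-3")
    out["recovery"] = unwrap(recovery, "admin-recovery") == private_key
    return out

if __name__ == "__main__":
    print(scenario())
```

In this model the repair needs the password the key was last wrapped under, which after two unsynchronised changes is neither the current password nor the most recent old one; the recovery copy is the only path that does not depend on any login password.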
