Beta of Nextcloud 10 with Two-Factor Authentication, Improved Federation and more

Originally published at: https://nextcloud.com/beta-of-nextcloud-10-with-two-factor-authentication-improved-federation-and-more/
[caption id=“attachment_693” align=“alignright” width=“310”]2016-07-21_11-37-37 Enable TOTP[/caption]
Today we release a beta of Nextcloud 10. This release brings a number of new features like new authentication protection mechanisms (including brute force protection and Two-Factor Authentication), improvements to federation, usability work and more. We’re also close to implementing the final pieces of enterprise functionality we promised, a task we will complete before the final release of Nextcloud 10.

Brute force protection and Two-factor auth

Authentication has gotten a serious overhaul, improving the security of your Nextcloud through brute force protection and two-factor authentication, features mainly developed by Lukas Reschke and Christoph Wurst (more details in Lukas’ blog).

Brute Force Protection logs invalid login attempts and slows down multiple attempts from a single IP address (or IPv6 range). This feature is enabled by default and protects against an attacker who tries to guess a password from one or more users.
[caption id=“attachment_694” align=“alignright” width=“300”]2016-07-21_11-38-53 TOTP in action[/caption]
The login system now supports pluggable authentication. That includes two-factor authentication and device specific passwords, complete with a list of connected browsers and devices on the users’ personal page. Users can also use their email address to log in.

Active sessions can now be invalidated through the list, by removing the user in the admin settings or by changing passwords and this also works for LDAP users. Admins can even enable or disable two-factor authentication for users on the command line.

For the final Nextcloud 10 release some more SAML work is being finalized. The clients don’t support two-factor authentication yet, something which is a work-in-progress. Device specific passwords can off course be used.

Federation

Bjoern and others continued to work on Federation (see his blog). Main improvements are a better handling of mounted link shares and reshares as well as more detailed permissions support. [caption id="attachment_695" align="alignright" width="300"]Screenshot_20160721_111928 Upgrade to test 10.0 Beta![/caption] Since its inception in 2014 of server to server sharing, it has been possible to add a shared link to your Nextcloud instance. In Nextcloud 10, these will act like normal federated shares, that is, you can see who you shared with, change permissions and remove the shared link without removing the federated shares.

Another “make it more seamless” improvement is that if you re-share federated shares, the servers make a direct connection rather than going via your server. This means faster and more reliable sharing!

Last but not least, federated shares now offer exactly the same type of permissions as normal shares in Nextcloud.

Usability updates

[caption id="attachment_696" align="alignright" width="300"]Screenshot_20160721_113535 Text file preview[/caption]

There has been usability work in various areas of Nextcloud like on the Files app and the theming abilities.

The Files app offers permanent links to files in the URL bar. That is, if you send the URL of a file on your Nextcloud to a colleague or friend you shared the file with, they can open the link you sent no matter where they have moved the shared file in their Nextcloud instance.

The Files app can also now show or hide hidden files, remember the sort order per user and will scroll the file list when you are dragging files to move them into another folder.

Previews of text files won’t be shown as unreadable small thumbnails but much bigger and last but not least, if you upload files, an estimate is given for how long the upload will take.

External storage

This release brings some updates to external storage, improving the performance and memory usage of the Dropbox and Google Drive support. Nextcloud 10 also introduces UTF-8 NFD encoding support for external storages. Last but not least, this release introduces support for SMB change notifications used in enterprise environments. This ensures changes on a Windows Network Drive will be quickly and without a big performance impact reflected in Nextcloud.

And more

There are a number of changes for developers which will enable better performance of the clients, enable them to define background jobs and repair steps and more.

The upgrade process has also undergone a number of improvements, showing better progress information and improving reliability but we’re still working in this area so more information will be in the final announcement.

We’re still working on a number of features and improvements, including some significant performance work for large instances. Help us test the beta and stay tuned for the final release!

As reminders, we’ve developed a docker image to bring Collabora Online to home users, you can of course test this with Nextcloud 10. And we also invite you all to our Nextcloud Conference, to help shape the future of Nextcloud!

Get the beta now

10 Likes

So many goodies in this release :slight_smile:

Really appreciate the 2FA, Christoph and Lukas! I’ve never felt comfortable logging in to my admin account on untrusted machines, and this mitigates that concern significantly. Thanks for giving me peace of mind when I’m on-the-go!

1 Like

Trying to overwrite my .53 test version, the occ upgrade command throws an error during federations (I don’t have federations set up, this might be the reason):
Updated to 0.2.1
Updating …
An unhandled exception has been thrown:
Error: Call to undefined method OCA\Federation\AppInfo\Application::setupCron() in /var/www/nextcloud/apps/federation/appinfo/update.php:23
Stack trace:
#0 /var/www/nextcloud/lib/private/legacy/app.php(1197): include()
#1 /var/www/nextcloud/lib/private/Updater.php(374): OC_App::updateApp(‘federation’)
#2 /var/www/nextcloud/lib/private/Updater.php(251): OC\Updater->doAppUpgrade()
#3 /var/www/nextcloud/lib/private/Updater.php(150): OC\Updater->doUpgrade(‘9.1.0.13’, ‘9.0.53.0’)
#4 /var/www/nextcloud/core/Command/Upgrade.php(290): OC\Updater->upgrade()
#5 /var/www/nextcloud/3rdparty/symfony/console/Command/Command.php(259): OC\Core\Command\Upgrade->execute(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#6 /var/www/nextcloud/3rdparty/symfony/console/Application.php(844): Symfony\Component\Console\Command\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#7 /var/www/nextcloud/3rdparty/symfony/console/Application.php(192): Symfony\Component\Console\Application->doRunCommand(Object(OC\Core\Command\Upgrade), Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#8 /var/www/nextcloud/3rdparty/symfony/console/Application.php(123): Symfony\Component\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#9 /var/www/nextcloud/lib/private/Console/Application.php(145): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#10 /var/www/nextcloud/console.php(92): OC\Console\Application->run()
#11 /var/www/nextcloud/occ(11): require_once(’/var/www/nextcl…’)
#12 {main}

Looks like Collabora is not available yet - any info when it will become available fĂźr NC 10?

Will the two-factor and related features be compatible with external authentication, such as IMAP?

Really looking forward to 10!

Installation does not work, if database already existied.

I try to “fresh” install NC 10 but connect it to an existing NC Db used by 9.0.50 and 9.0.52.

I have to create a new (temporary) admin user of course, but the installation does not proceed stating error:

Error while trying to create admin user: Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [1045] Access denied for user ‘dbuser’@‘localhost’ (using password: YES)

with DB credentials being correct (to state the obvious)

Has the db-structure been modified?

Update did work without any problem.
i like the new features, eg. the list of active sessions
but after i installed the TFA app and enabled the TFA no QR-Code is shown

So, the update went smoothly, but the 2FA features don’t show up.
Where did you get the TFA app from?

…nevermind - I wasn’t expecting to find that one on the ownCloud App Store. :wink:

i used this one:

I can’t find 2FA, where do you see it?

You wil have to install the twofactor app from the ownCloud store into your nextCloud app folder and activate it. Afterwards, you will find the totp option in the personal accounts settings.

I am, too, using the OTP Auth app from the iOS Appstore…

@joergschulz Same problem here:
Checked database schema update for apps Updating database schema Updated database Updating <federation> ... An unhandled exception has been thrown: Error: Call to undefined method OCA\Federation\AppInfo\Application::setupCron() in /home/nextcloud/public_html/apps/federation/appinfo/update.php:23 Stack trace: 0 /home/nextcloud/public_html/lib/private/legacy/app.php(1197): include() 1 /home/nextcloud/public_html/lib/private/Updater.php(374): OC_App::updateApp('federation') 2 /home/nextcloud/public_html/lib/private/Updater.php(251): OC\Updater->doAppUpgrade() 3 /home/nextcloud/public_html/lib/private/Updater.php(150): OC\Updater->doUpgrade('9.1.0.13', '9.0.52.0') 4 /home/nextcloud/public_html/core/Command/Upgrade.php(290): OC\Updater->upgrade() 5 /home/nextcloud/public_html/3rdparty/symfony/console/Command/Command.php(259): OC\Core\Command\Upgrade->execute(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput)) 6 /home/nextcloud/public_html/3rdparty/symfony/console/Application.php(844): Symfony\Component\Console\Command\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput)) 7 /home/nextcloud/public_html/3rdparty/symfony/console/Application.php(192): Symfony\Component\Console\Application->doRunCommand(Object(OC\Core\Command\Upgrade), Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput)) 8 /home/nextcloud/public_html/3rdparty/symfony/console/Application.php(123): Symfony\Component\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput)) 9 /home/nextcloud/public_html/lib/private/Console/Application.php(145): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput)) 10 /home/nextcloud/public_html/console.php(92): OC\Console\Application->run() 11 /home/nextcloud/public_html/occ(11): require_once('/home/nextcloud/pub...') 12 {main}sh-4.2$

Bad. Didn’t find a solution yet.

Thanky you budy,:wink:
this version works !!!

I downloaded the 2FA app from owncloud and enabled it and it works…but only with google authenticator (me no like). What did you do to get it to work with OTP Auth?

Oh it Does work with that but only SHA1 :confused: that should be changed in the app

Yeah, well… I guess Google Authenticator is the way to go here or do you know of another service that is freely available. In that case, both apps would need to support that and both maintainers would need to be contacted.

@joergschulz

Solution is to remove apps en thirdapps folder en upload the beta folders and then the upgrade will finish.

Upgrade script does not remove the upgrade.php files in the apps and thirdapps folders.

1 Like