Can't access nextcloud need updater.secret

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face: is for home/non-enterprise users. If you’re running a business, paid support can be accessed via where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:


Or for longer, use three backticks above and below the code snippet:


Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 12.0.2): (15.0.2) I think
Operating system and version (eg, Ubuntu 17.04):
Apache or nginx version (eg, Apache 2.4.25): Apache 2
PHP version (eg, 7.1):7.2

The issue you are facing: update stopped; can’t even access my files. I’m asked to provide the updater.secret which I can’t seem to find. I’ve pasted the lines on the command console but the plain text values it gives change each time I paste it. Am I supposed to change the config.php of nextcloud? Anywhere or at a specific place? Am I supposed to paste all of the line?

This is deeply frustrating as I’m a beginner with linux and nextcloud and I can’t access my files to back up some that weren’t.

This is the line:
php -r '$password = trim(shell_exec("openssl rand -base64 48"));if(strlen($password) === 64) {$hash = password_hash($password, PASSWORD_DEFAULT) . "\n"; echo "Insert as \"updater.secret\": ".$hash; echo "The plaintext value is: ".$password."\n";}else{echo "Could not execute OpenSSL.\n";};'

Is this the first time you’ve seen this error? (Y/N):Y

Steps to replicate it:

The output of your Nextcloud log in Admin > Logging:


The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

PASTE HERE   /var/www/html/nextcloud/config

The output of your Apache/nginx/system log in /var/log/____:



I ran into the same problem during an Update using the Web Updater. I ended up using the command line updater to complete the upgrade:
sudo -u www-data bash
cd /var/www/nextcloud/updater
php updater.phar
cd ..
./occ upgrade

I hope this helps, if someone has the same problem.



Running in to the same issue on NC All though manual update is a option I like to use web update.

Server configuration detail

Operating system: Linux 4.4.0-170-generic #199-Ubuntu SMP Thu Nov 14 01:45:04 UTC 2019 x86_64

Webserver: Apache/2.4.18 (Ubuntu) (apache2handler)

Database: mysql 10.0.38

PHP version: 7.4.8

Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, sodium, apache2handler, mysqlnd, PDO, xml, apcu, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, iconv, igbinary, imagick, imap, intl, json, exif, memcache, msgpack, mysqli, pdo_mysql, apc, posix, pspell, readline, redis, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tidy, tokenizer, xmlreader, xmlwriter, xsl, zip, Phar, memcached, Zend OPcache

Nextcloud version: 18.0.4 -

Updated from an older Nextcloud/ownCloud or fresh install:

Where did you install Nextcloud from: unknown

Signing status

Array ( )

List of activated apps
- accessibility: 1.4.0
- activity: 2.11.0
- audioplayer: 2.10.1
- bruteforcesettings: 1.6.0
- calendar: 2.0.3
- cloud_federation_api: 1.1.0
- cms_pico: 1.0.7
- contacts: 3.3.0
- dav: 1.14.0
- documentserver_community: 0.1.7
- extract: 1.2.4
- federatedfilesharing: 1.8.0
- federation: 1.8.0
- files: 1.13.1
- files_antivirus: 2.4.1
- files_external: 1.9.0
- files_markdown: 2.3.0
- files_pdfviewer: 1.7.0
- files_rightclick: 0.15.2
- files_sharing: 1.10.1
- files_trashbin: 1.8.0
- files_versions: 1.11.0
- files_videoplayer: 1.7.0
- logreader: 2.3.0
- lookup_server_connector: 1.6.0
- maps: 0.1.6
- nextcloud_announcements: 1.7.0
- notifications: 2.6.0
- oauth2: 1.6.0
- ocdownloader: 1.7.8
- onlyoffice: 4.3.0
- password_policy: 1.8.0
- passwords: 2020.7.0
- photos: 1.0.0
- printer: 0.0.3
- privacy: 1.2.0
- provisioning_api: 1.8.0
- rainloop: 6.1.4
- recommendations: 0.6.0
- serverinfo: 1.8.0
- settings: 1.0.0
- sharebymail: 1.8.0
- support: 1.1.0
- survey_client: 1.6.0
- text: 2.0.0
- theming: 1.9.0
- twofactor_backupcodes: 1.7.0
- twofactor_totp: 4.1.3
- updatenotification: 1.8.0
- viewer: 1.2.0
- workflowengine: 2.0.0
- admin_audit
- comments
- encryption
- firstrunwizard
- systemtags
- user_ldap

Configuration (config/config.php)
   "instanceid": "***REMOVED SENSITIVE VALUE***",
   "passwordsalt": "***REMOVED SENSITIVE VALUE***",
   "secret": "***REMOVED SENSITIVE VALUE***",
   "trusted_domains": [
   "datadirectory": "***REMOVED SENSITIVE VALUE***",
   "overwrite.cli.url": "https:\/\/",
   "dbtype": "mysql",
   "version": "",
   "dbname": "***REMOVED SENSITIVE VALUE***",
   "dbhost": "***REMOVED SENSITIVE VALUE***",
   "dbport": "",
   "dbtableprefix": "oc_",
   "dbuser": "***REMOVED SENSITIVE VALUE***",
   "dbpassword": "***REMOVED SENSITIVE VALUE***",
   "memcache.local": "\\OC\\Memcache\\Redis",
   "redis": {
       "host": "***REMOVED SENSITIVE VALUE***",
       "port": 6379
   "logtimezone": "Europe\/Amsterdam",
   "has_internet_connection": true,
   "check_for_working_webdav": true,
   "installed": true,
   "loglevel": 1,
   "maintenance": false,
   "log_rotate_size": 1485760,
   "mail_smtpmode": "sendmail",
   "mail_from_address": "***REMOVED SENSITIVE >VALUE***",
   "mail_domain": "***REMOVED SENSITIVE VALUE***",
   "app.mail.imaplog.enabled": "true",
   "mail_smtpauthtype": "LOGIN",
   "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
   "mail_smtpport": "587",
   "enabledPreviewProviders": [
   "": "stable",
   "theme": "",
   "trashbin_retention_obligation": "auto, 365",
   "mail_smtpsecure": "tls",
   "mail_smtpauth": 1,
   "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
   "mail_smtppassword": "***REMOVED SENSITIVE >VALUE***",
   "mysql.utf8mb4": true,
   "app_install_overwrite": [
   "updater.secret": "***REMOVED SENSITIVE VALUE***"

External storages: yes

External storage configuration
| Mount ID | Mount Point | Storage | Authentication Type | >Configuration              | Options         | Applicable Users | >Applicable Groups | Type  |
| 1        | /Muziek     | Lokaal  | Geen                | datadir: "\/cloud\/muziek" | readonly: false |                  | muziek            | Admin |
| 2        | /Share      | Lokaal  | Geen                | datadir: "\/cloud\/Films"  | readonly: true  |                  | films             | Admin |
| 4        | /Share      | Lokaal  | Geen                | datadir: "\/cloud\/Films"  | readonly: false |                  | FilmsW            | Admin |

Encryption: no


  • OC\User\Database

Browser: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0.

Running the command

gave the output :

Insert as “updater.secret”: $2y$10$u0IdmH2PTo7zloPHwR4W4eYtmEzh1q.uKK6hBMolPpIKVzCgkrQj6
The plaintext value is: CQPJsjNCLglF5omB0S4cxPv5vJB7p/os5tnKYFdSkNuWzBTIEaHPa5Qm5Qu3XAQB

I then copied the first line value and replaced it with the line in my NC config.php

‘updater.secret’ => ‘$2y$10$u0IdmH2PTo7zloPHwR4W4eYtmEzh1q.uKK6hBMolPpIKVzCgkrQj6’,

just before


I then saved the file and retied the web updater. It just runs and doesn’t even asked for the plain password :s

Web update went well and am now on 18.0.7. Tried to update to 19.0.1 and run into the same problem.

Now I removed the line updater.secret from the config.php completly and the web update again starts as normal.

This seems like some sort of security messure as after the update to 19.0.1 the line reappears in my config with a new value.

Security Status


I cannot run commands, because my NextCloud instance is on a webhosting service…

How to get passed the hashed-secret problem? I can find the secret, but don’t know how to unhash it.

If you couldn’t access Nextcloud using commands you could browse in the file system (using FTP or SSH) and modify the file /config/config.php in the Nextcloud data folder. There you could insert the updater.secret and use then the plaintext value to log in.

For future reference: I changed to another webhosting space, one that I knew supported NextCloud. I never had the problem anymore.

I know that’s not a solution, but it’s good to know for other “beginning” NextCloud users, that they best choose a hosting company that supports NextCloud.

1 Like

works like a charm!! Thanks for sharing!!!

If needed you can create new updater.secret with plain text password directly in a php script (e.g. on webserver) look here.