Encrypted files being deleted Nextcloud 22.2.0

Recently installed nextcloud 22.2.0 on Docker on top of OpenMediaVault Server (debian10)

When syncing files using using the Next Cloud Linux client Version 2.6.2-1build1
I have seen that it automatically deletes any encrypted .key or .pem files from the server

When Ive manually deleted files in local ‘NextCloud’ directory it seems to make a copy of the files and stores them in the Trashcan on the nextcloud Browser

Is it possible to setup a rule or use a config option to do that same for .pem or or .key files ?

Hi @smetchallz

What do you mean by that? They get automatically deleted? Or you delete them and then they don’t go do the trashbin?

…and what do you mean by encrypted? Do you use End to End Encryption or server-side encryption for those files?

Just tested it on my instance with a few test files and .pem or .key files behave like any other files. I use the Desktop Client in version 3.3.5 on Arch Linux and I have no encryption enabled on my Nextcloud instance.

Without trying to sound as rude or arrogant as some

Issue resolved

It was not my intention to be rude. But if you had used encryption, your problem might have had something to do with that. I just couldn’t imagine why the Desktop Client would treat .key and .pem files differently than other files, and honestly I still can’t. But maybe you’ll share with us what the problem was and how you solved it. This may help others who have a similar issue…,

I didnt have encryption set
And the NextCloud client was deleting the local sync folder file , not me

I did have Ransomware protection 1.11.0 app switched on.

The client was blocking any uploads with ‘403 Forbidden’
or “Ransomeware file detected” depending on which version of NextCloud Client I was using Mac or Linux

When I disabled the app the Syncronization clint ignored any private key files with
-----BEGIN ENCRYPTED PRIVATE KEY-----
text inside and no longer deleted any files

Ah ok. I don’t use this app myself but on the GitHub page of the app I found this:

If you want to exclude the problematic pattern, you can copy it from this notification and ask your admin to add it to the exclude list. Hint: You can find the apps admin settings in the security tab of your Nextcloud instance. Admins can also see the pattern in the log when it is set to level Warning or lower.

https://github.com/nextcloud/ransomware_protection

If that dosn’t help, you could maybe open an issue here…

https://github.com/nextcloud/ransomware_protection/issues

Yes there is an option within the Admin user, settings to add exclude extentions

seems to work :o)

1 Like