Encryption Problem

bigtreiber · October 28, 2020, 9:53am

I’ve upgraded from 19.0.4 to 20.0.1 and now I can’t access my instance any more. I think I’ve messsed around with the default encryption module.

When trying to get the encryption status with
“sudo -u www-data php occ encryption:status”

I get the output:

An unhandled exception has been thrown:
Exception: Authenticated ciphertext could not be decoded. in /var/www/nextcloud/lib/private/Security/Crypto.php:122
Stack trace:
#0 /var/www/nextcloud/lib/private/Encryption/Keys/Storage.php(285): OC\Security\Crypto->decrypt(‘-----BEGIN PUBL…’)
#1 /var/www/nextcloud/lib/private/Encryption/Keys/Storage.php(230): OC\Encryption\Keys\Storage->getKey(‘/files_encrypti…’)
#2 /var/www/nextcloud/lib/private/Encryption/Keys/Storage.php(122): OC\Encryption\Keys\Storage->getKeyWithUid(‘/files_encrypti…’, NULL)
#3 /var/www/nextcloud/apps/encryption/lib/KeyManager.php(615): OC\Encryption\Keys\Storage->getSystemUserKey(‘pubShare_657f17…’, ‘OC_DEFAULT_MODU…’)
#4 /var/www/nextcloud/apps/encryption/lib/KeyManager.php(171): OCA\Encryption\KeyManager->getPublicShareKey()
#5 /var/www/nextcloud/apps/encryption/lib/Users/Setup.php(87): OCA\Encryption\KeyManager->validateShareKey()
#6 /var/www/nextcloud/apps/encryption/lib/AppInfo/Application.php(73): OCA\Encryption\Users\Setup->setupSystem()
#7 /var/www/nextcloud/apps/encryption/appinfo/app.php(37): OCA\Encryption\AppInfo\Application->setUp()
#8 /var/www/nextcloud/lib/private/legacy/OC_App.php(289): require_once(‘/var/www/nextcl…’)
#9 /var/www/nextcloud/lib/private/legacy/OC_App.php(171): OC_App::requireAppFile(Object(OCA\Encryption\AppInfo\Application))
#10 /var/www/nextcloud/lib/private/legacy/OC_App.php(131): OC_App::loadApp(‘encryption’)
#11 /var/www/nextcloud/lib/private/Console/Application.php(127): OC_App::loadApps()
#12 /var/www/nextcloud/console.php(99): OC\Console\Application->loadCommands(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#13 /var/www/nextcloud/occ(11): require_once(‘/var/www/nextcl…’)
#14 {main}

Next OC\ServerNotAvailableException: Could not decrypt key in /var/www/nextcloud/lib/private/Encryption/Keys/Storage.php:287
Stack trace:
#0 /var/www/nextcloud/lib/private/Encryption/Keys/Storage.php(230): OC\Encryption\Keys\Storage->getKey(‘/files_encrypti…’)
#1 /var/www/nextcloud/lib/private/Encryption/Keys/Storage.php(122): OC\Encryption\Keys\Storage->getKeyWithUid(‘/files_encrypti…’, NULL)
#2 /var/www/nextcloud/apps/encryption/lib/KeyManager.php(615): OC\Encryption\Keys\Storage->getSystemUserKey(‘pubShare_657f17…’, ‘OC_DEFAULT_MODU…’)
#3 /var/www/nextcloud/apps/encryption/lib/KeyManager.php(171): OCA\Encryption\KeyManager->getPublicShareKey()
#4 /var/www/nextcloud/apps/encryption/lib/Users/Setup.php(87): OCA\Encryption\KeyManager->validateShareKey()
#5 /var/www/nextcloud/apps/encryption/lib/AppInfo/Application.php(73): OCA\Encryption\Users\Setup->setupSystem()
#6 /var/www/nextcloud/apps/encryption/appinfo/app.php(37): OCA\Encryption\AppInfo\Application->setUp()
#7 /var/www/nextcloud/lib/private/legacy/OC_App.php(289): require_once(‘/var/www/nextcl…’)
#8 /var/www/nextcloud/lib/private/legacy/OC_App.php(171): OC_App::requireAppFile(Object(OCA\Encryption\AppInfo\Application))
#9 /var/www/nextcloud/lib/private/legacy/OC_App.php(131): OC_App::loadApp(‘encryption’)
#10 /var/www/nextcloud/lib/private/Console/Application.php(127): OC_App::loadApps()
#11 /var/www/nextcloud/console.php(99): OC\Console\Application->loadCommands(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#12 /var/www/nextcloud/occ(11): require_once(‘/var/www/nextcl…’)
#13 {main}

What can I do?

jado · October 29, 2020, 4:01pm

Got the same issue!

highTowerSU · November 5, 2020, 9:59pm

I have the same issue.

alexB · November 26, 2020, 2:13pm

Hello

You can try :
$ cd /var/www/html/nextcloud
$ sudo -u www-data php occ encryption:disable

Else you can try :
$ cd /var/www/html/nextcloud
$ mv data/files_encryption data/files_encryption_old/
$ sudo -u www-data php occ encryption:disable

I had the same issue.

Mathias1 · December 8, 2020, 9:41pm

did anyone solve this? i get the same error. if i revert to a backup with decryption disabled it works but some off my files are still encrypted

m.ortmann · December 9, 2020, 2:15pm

We had the same issue after upgrading from NC19 to NC20

We solved it by disabling the app: Default encryption module. After disabling we were able to log on to the server WebIF.

Luckily one admin account was still logged in due to cookies.
Note: As we run a small Nextcloud on premise we didnt encrypt our files, we dont know what will happen if your files are encrypted.
If you dont have access to the admin WebIF you can also disable apps by using an occ command via ssh:
sudo -u www-data php occ app:disable app name

Found here:

Mathias1 · January 8, 2021, 7:15am

I was able to decrypt my files and disabled the encryption so now it works again. I was using the script on GitHub for decryption

enoch85 · March 12, 2021, 4:46pm

Which script?

bloo · June 1, 2021, 4:05pm

Probably GitHub - syseleven/nextcloud-tools: This project contains tools to operate Nextcloud. but @Mathias1 can confirm that?