/files_encryption folder full of orphaned keys

I used server-side encryption for quite a while now but decided to disable this feature. I executed occ encryption:decrypt-all to disable the feature and decrypt my files. After a while I received a message that some files could not be decrypted for two of my three users.

As the amount of data is not too much I decided to simply delete all files from nextcloud and upload them again. So far, so good.

After deleting my files I checked my data directory which is now empty except for the ‘/files_encryption’ folder. Here I found a ton of orphaned encryption keys belonging to files which are not part of the system anymore.

How can I get rid of these files? I tried things like occ files:cleanup and occ files:scan --all but this had no effect.

@bjoern are keys not included into cleanup routines?

Make a full backup of your system including these files_encryption folders. I had the same problem and just deleted these folders manually. Just in case there were a file which is still encrypted and not on any client, you can recover it from your backup. Don’t forget to backup the database as well.

1 Like