Flipping on server side encryption - will desktop client files/sync still work after?

Hello everyone,
Long time owncloud then Nextcloud user. I’m starting to put a lot of files in and setup some structure and I am going to need the files encrypted on the backend location (local server path on linux) and loving the recent v3.2.1 of the windows client with virtual file support.

I couldn’t find any documentation that would state files will not operate like they do now post-enable of the server-side encryption. Can folks give me a confirmation on that? I want to enable it, then still have the files syncing as they are down and usable on Windows.

Appreciate any confirmation here or warnings on this. I don’t mine the size increase, but the directories and files will need to be usable natively in Windows as they are now or this is too much to handle. Thanks!

Wow - must not only be me wondering this. I thought this was an easy one.

Hi, it should work with server side encryption, too. But I didn’t tried it because I don’t trust server side encryption. What the documentation states though is that it doesn’t work with end-to-end-encryption.

1 Like

Appreciate that. Geez - I should feel confident to flip that on so I can have files secured at the storage location on the OS, but not having the confidence the desktop apps file functionality to open stored docs in Windows, etc. won’t break is troubling. I guess I can spin-up another nextcloud instance and test it, but geez. I have to believe many others are doing this now right?

That’s probably the best way, anyway.

1 Like

I have finally had a little time.

  1. I spin-up a fresh instance of NextCloud on a different Linux Mint box.
  2. Installed all deps and just did a sqlite backend to get something quickly-ish.
  3. When in, I saw the default/sample files that is part of the distro in my home folder.
  4. I could see them also in the host OS directory.
  5. I went to security, enabled server-side encryption - it prompted to enable default encryption in the apps, so I did.
  6. Once enabled, I uploaded a few new files.
  7. The old files that were present in my nextcloud user home were not touched. They were not encryted.
  8. All new files after the settings change were encrypted via CLI (no auth via nextcloud)
  9. I WEBDAV mounted the share in Nemo (Linux Mint) just to see and files were visible and fine in that share even though they were encrypted on the server.
  10. I also uploaded files via the webdav share and they were operational as they should be via the share mount and the web UI, but were encrypted via the OS in CLI.

Cool.