How to decrypt a Passwords backup file with E2E enabled?

Hi Marius, all,

I create a backup file with ./occ passwords:backup:export per the documentation at Backups · Wiki · nextcloud / passwords · GitLab (SUCCESS)

Next, I want to decrypt the encrypted properties in the JSON file.

For this, I’m reading the documentation at Encryption · Wiki · nextcloud / passwords · GitLab

In the JSON backup file, I do find the field sseKey for each entry.

How should I use sseKey and the global E2E password to get the decrypted value?


What are you up to?

I make sure I would be able to restore all my passwords if my server crashes.

In that case i recommend

  • setting up a test server
  • adding the user accounts you want to test (including the correct internal Nextcloud Ids)
  • and then just restoring the backup on that server

In order to decrypt a password from the backup, you would have to implement the entire E2E encryption flow and SSEv2.