Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files

MarslMarcello · February 17, 2018, 10:29pm

I’ve got the same problem after an update to version 13.
I did the update today. After the processing, everything looked fine until my first login. I’ve got the message “Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files”

I couldn’t fix it but it is important because I can’t access my files anymore.
What did I wrong?

Will it work again when I’ve go back to the earlier version 12.0.4.3?

John_Pagourtzis · February 18, 2018, 6:53pm

Unfortunately Nextcloud personnel has so many issues to resolve that it is
approx impossible this to be fixed. Your best lack is to install it again
or have a backup.

I am searching for a better more stable solution and as i see seafile is
one of them.

MarslMarcello · February 18, 2018, 9:06pm

I’ve fixed it with a complete re-upload of all data (luck I had a full backup) for my user and have to do it for the other users as well. I’ll try to avoid to update in the future or will not use the encryption anymore. For long-term, I think about to use another solution as nextcloud. The risk is too high to lose all data.

John_Pagourtzis · February 20, 2018, 8:54am

One of the biggest problem NC has is the update/upgrade procedure. I understand the difficulties but for the solution to be used with trust from the beginner until the pros it must be flawless and with an easy way to revert back.

As i see seafile is one option. Will test it as soon as possible.

Escubaer · February 20, 2018, 9:08am

Hm, are you using the docker process or the tar file process for upgrades? IMHO the web updater will never work properly. And Linux packages will also have their own issues … besides that there are no official once.

John_Pagourtzis · February 20, 2018, 9:11am

No not docker. Web updater and cli to update the instance.
Will try seafile very soon but one of my concerns is that its not 100% open source.

melloa · February 25, 2018, 11:26pm

Got the annoying message after the upgrade on my FreeBSD VM: Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files.

Stupid me can’t find where to set it or turn it off… No impact to file access, just the message on the web interface.

king-knut · February 26, 2018, 3:00am

Same here. Enabled the “Default encryption module” and “End-to-End Encryption” module after installing NC13 but can’t use them. I get above mentioned error message and in “Security” settings I’m asked to enter my old password:

Your private key password no longer matches your log-in password.
Set your old private key password to your current log-in password:

No clue, what they mean by old password. Can’t remember any and I’m sure i did not change my password at all. But I even get this message for newly set-up accounts. Thus I suppose this is a bug. Hope a solution will come soon.

melloa · February 26, 2018, 3:45pm

Correct. It appears on new account I just created for my daughter. I’ve never enabled encryption on mine. Have you saw any bug ticket on this? Don’t want to duplicate.

king-knut · February 26, 2018, 4:09pm

Honestly, I didn’t even know where to post bug reports. Was hoping Nextcloud developers would read this and fix the problem. But just had a look and found the issue tracker on Github. Entering the error message displayed in the title of this thread did not bring up anything. Posted a bug report here:

github.com/nextcloud/server

Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files

opened 05:25PM - 26 Feb 18 UTC

knut-hildebrandt

bug 1. to develop feature: encryption (server-side) pending documentation 25-feedback

### Steps to reproduce 1. enable Default encryption module 2. logout and login again (as recommend) 3. go to Security settings to change password ### Expected behaviour Default encrytion module should be enable and work without problems. No clue why changing password is necessary. ### Actual behaviour At login an error message pops up saying: "Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files" Trying to change the password is not possible, because an old password that could be entered never has been set. This even holds true for fresh accounts that are set up after enabling Default encryption module. See discussion here: https://help.nextcloud.com/t/invalid-private-key-for-encryption-app-please-update-your-private-key-password-in-your-personal-settings-to-recover-access-to-your-encrypted-files/27108/13 ### Server configuration **Operating system**: **Web server:** shared hoster **Database:** mysql 5.6.34 **PHP version:** 5.6 **Nextcloud version:** (see Nextcloud admin page) 13.0.0 **Updated from an older Nextcloud/ownCloud or fresh install:** from 12.0.5 **Where did you install Nextcloud from:** updater **Signing status:** <details> <summary>Signing status</summary> ``` Login as admin user into your Nextcloud and access http://example.com/index.php/settings/integrity/failed paste the results here. "No errors have been found." </details> **List of activated apps:** <details> <summary>App list</summary> Activity 2.6.1 AppOrder 0.4.1 Audio Player 2.2.5 Auditing / Logging 1.3.0 Brute-force settings 1.0.3 Calendar 1.6.0 Collaborative tags 1.3.0 Comments 1.3.0 Contacts 2.1.0 Default encryption module 2.0.0 Deleted files 1.3.0 External storage support 1.4.1 Federation 1.3.0 File sharing 1.5.0 First run wizard 2.2.1 Gallery 18.0.0 Log Reader 2.0.0 Mail 0.7.10 Monitoring 1.3.0 Nextcloud announcements 1.2.0 Notifications 2.1.2 Password policy 1.3.0 PDF viewer 1.2.0 Share by mail 1.3.0 Talk 3.1.0 Tasks 0.9.6 Text editor 2.5.1 Theming 1.4.1 Update notification 1.3.0 Usage survey 1.1.0 Versions 1.6.0 Video player 1.2.0 If you have access to your command line run e.g.: sudo -u www-data php occ app:list from within your Nextcloud installation folder ``` </details> **Nextcloud configuration:** <details> <summary>Config report</summary> ``` If you have access to your command line run e.g.: sudo -u www-data php occ config:list system from within your Nextcloud installation folder or Insert your config.php content here. Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …) <?php $CONFIG = array ( 'instanceid' => '', 'passwordsalt' => '', 'secret' => '', 'trusted_domains' => array ( 0 => 'nextcloud.domain-name.de', 1 => 'owncloud.domain-name.de', ), 'datadirectory' => '/home/webpages/provider-name/user-name/nextcloud/data', 'overwrite.cli.url' => 'https://nextcloud.domain-name.de', 'dbtype' => 'mysql', 'version' => '13.0.0.14', 'dbname' => 'db_abc_1', 'dbhost' => 'user-name.provider-name-db.de', 'dbtableprefix' => 'oc_', 'dbuser' => 'USERxyc', 'dbpassword' => '', 'logtimezone' => 'UTC', 'installed' => true, 'maintenance' => false, 'theme' => '', 'loglevel' => 2, 'mail_domain' => 'domain-name.de', 'mail_from_address' => 'mail', 'mail_smtpmode' => 'smtp', 'mail_smtpauth' => 1, 'mail_smtpsecure' => 'ssl', 'mail_smtpport' => '465', 'mail_smtphost' => 'mail.provider-name.de', 'mail_smtpname' => 'mail@domain-name.de', 'mail_smtppassword' => '', 'mail_smtpauthtype' => 'PLAIN', 'updater.release.channel' => 'stable', ); </details> **Are you using external storage, if yes which one:** local/smb/sftp/... 3x WebDAV 1 x Unknown: googledrive -> does not work anymore **Are you using encryption:** yes/no no **Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/... no #### LDAP configuration (delete this part if not used) <details> <summary>LDAP config</summary> ``` With access to your command line run e.g.: sudo -u www-data php occ ldap:show-config from within your Nextcloud installation folder Without access to your command line download the data/owncloud.db to your local computer or access your SQL server remotely and run the select query: SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap'; Eventually replace sensitive data as the name/IP-address of your LDAP server or groups. ``` </details> ### Client configuration **Browser:** Firefox 56 **Operating system:** Linux ### Logs #### Web server error log <details> <summary>Web server error log</summary> ``` Insert your webserver log here ``` </details> #### Nextcloud log (data/nextcloud.log) <details> <summary>Nextcloud log</summary> ``` Insert your Nextcloud log here ``` </details> #### Browser log <details> <summary>Browser log</summary> ``` Insert your browser log here, this could for example include: a) The javascript console log b) The network log c) ... ``` </details>

melloa · February 26, 2018, 4:29pm

Thanks. I’ll hold off on mine.

Alphakilo · February 26, 2018, 5:10pm

Slightly OT:
If memory serves me correct that was supposed to be fixed in 12.0.2 (?).
@LukasReschke feel free to correct me.

Both of those choices would be … bold. Not updating and potentially get pwned by a long fixed vulnerability.
So what’s your threat model? Why do you use encryption in the first place?
I’m all for it, but the server side encryption bit me in the ass a couple of times. I abandoned it long ago.

Privacy for a multi user Nextcloud instance or protection against someone physically reading from your drives?

Kudos for that. Everyone should, most people don’t.
Consider duplicity or rclone for encrypted off-site backups. Don’t invoke the wrath of lady luck.

John_Pagourtzis · March 6, 2018, 9:47pm

well NC will we have any solution for this problem?
Its affecting many users and you should be paying attention to it.

I would like to inform future users of NC to NOT use the encryption because NC needs still a lot job to be done to use it in production and be stable and easy do correct any problems.

Waiting for your solution,
Thank you.

rctoso · March 26, 2018, 11:31am

Hi! Same with my nextcloud "Falscher privater Schlüssel für die Verschlüsselungs-App. Bitte aktualisiere Deinen privaten Schlüssel in Deinen persönlichen Einstellungen um wieder Zugriff auf die verschlüsselten Dateien zu erhalten."
I’d really like to get rid of this.
Does someone know a solution? Or a workaround?
I really would like to read and test.

John_Pagourtzis · March 27, 2018, 1:33pm

No, no solution or responces. I have left it that way and continue work it
like that. No affection at all with my installation. But wheeeen i find
time i will do a new install and move everything there if until then I
don’t find another more stable solution

rmfberlin · April 24, 2018, 8:26am

Same problem with a complete new installation auf nextcloud 13.0.1

Frost · April 29, 2018, 1:12pm

Same, new install of NC -13.0.1- when I put the passwords in, the status changes to “Saving” but will not actually update, so this can’t be resolved.

ace · May 17, 2018, 2:35pm

Same here with a new install of Nextcloud 13.0.2…

John_Pagourtzis · May 17, 2018, 7:00pm

NC don’t even blink about this problem. Don’t bother or spend your time. Stick to version 12 better.

NC needs a rolling release schema this update thing is…

MeiRos · May 18, 2018, 1:02am

I have the same problem, but I’m not sure if I had this after upgrade from 13.0.1 to 13.0.2 or after I did some disabling/enabling apps.
At least after disabling Default encryption module, I don’t get that line.
And I have never encrypted any files…