Migrate from master-key-encryption to user-key-encryption


I have the latest version of nextcloud installed, with the default encryption module enabled. All my data is currently encrypted with a master key.

However, I actually prefer user-keys, not a master-key. I am aware of the disadvantages.

I have two question about this:

  1. Are user-keys deprecated and subject to be deleted in the future? I remember owncloud mentioned that they want to completely remove user-keys feature in the future. I do not know if this also reflects the view of the nextcloud developers.

  2. Can I switch from master-key to user-key without losing data? I am anxious to execute the ./occ encryption:disable-master-key command, because I am not sure if it just switches the default mode from master-key to user-key or if it disables the master-key, destroying all existing data.
    Or is there any different procedure which I need to do? Decrypt all, then re-encrypt everything? How?

Question 2 might be answered with Changing encryption from master key file to user key file with recovery key file encryption , but it is not clear if the person had existing data or not. For my case, I have data that I don’t want to lose.

Thank you for your help

Nextcloud version (eg, 20.0.5): 27.1.1
Operating system and version (eg, Ubuntu 20.04): Linux version 6.1.0-11-amd64 / Debian 12.1
Apache or nginx version (eg, Apache 2.4.25): 2.4.57
PHP version (eg, 7.4): 8.2.7