Nextcloud 12 : Automatic enable encryption key recovery on user side


I’m doing automatic deployment of Nextcloud via Docker containers.
After deployment, I run occ commands to launch installation, configure several things like enabling encypt app.

I can’t find a way to automate theses 2 things :

  • the recovery key creation (admin side)
  • activate recovery (client side)

I can live with the first one, as it can be handled by the deployment’s administrator.

But I really would like to be sure that every user could be recovered, without telling them to go and activate that option in their settings.

The only way I think it’s possible is by inserting fields in the oc_parameters table. But It needs to be donne every time a new user is created…

Does someone already solved that problem ?

Do you use external storage? No -> don’t use server-side encryption and wait for the deployment of client-side encryption in NC 13.


No, I don’t use external storage.
Client-side seams promising, but I thing will be a bit more challenging for un-educated users.
Also, it lacks some functionalities like group sharing, trash bin and versioning.

Anyway, I will test that as soon as i can.

@gmocellin With NC13 they will also change server-side encryption for easier sharing and better performance (no single file key anymore). It’s a bit less secure but has some more advantages. I recommend waiting for NC13, nor for E2E-encryption but for the new server-side encryption :slight_smile: