Nextcloud 13 breaks users' encrypted files

ℹ️ Support
,
1

Nextcloud version (eg, 12.0.2): 13.0.1.1
Operating system and version (eg, Ubuntu 17.04): Debian 8
Apache or nginx version (eg, Apache 2.4.25): NGINX 1.14.0
PHP version (eg, 7.1): 5.6

The issue you are facing: An ever increasing number of users can no longer access some or all of their files. Several of these users do not even have a local copy of their files, which means that they may have permanently lost important information/work etc. I have sought help on Github (), but I have not yet received any answer. This is a very serious problem and it seems to be getting worse day by day, as more and more users are getting affected by it. I would be very grateful if somebody would help.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Upgrade a Nextcloud 12 installation, with file encryption enabled, to Nextcloud 13.

The output of your Nextcloud log in Admin > Logging:

2018/08/13 15:24:32 [error] 23796#23796: *6267139 FastCGI sent in stderr: "PHP message: [owncloud][webdav][4] Exception: {"Exception":"Sabre\\DAV\\Exception\\ServiceUnavailable","Message":"Encryption not ready: multikeydecrypt with share key failed:error:0906D06C:PEM routines:PEM_read_bio:no start line","Code":0,"Trace":"#0 \/var\/www\/nextcloud\/apps\/dav\/lib\/Connector\/Sabre\/File.php(188): OCA\\DAV\\Connector\\Sabre\\File->convertToSabreException(Object(OCA\\Encryption\\Exceptions\\MultiKeyDecryptException))\n#1 \/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php(1130): OCA\\DAV\\Connector\\Sabre\\File->put(Resource id #21)\n#2 \/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/CorePlugin.php(513): Sabre\\DAV\\Server->updateFile('files\/***REMOVED SENSITIVE INFO***...', Resource id #21, NULL)\n#3 [internal function]: Sabre\\DAV\\CorePlugin->httpPut(Object(Sabre\\HTTP\\Request), Object(Sabre\\HTTP\\Response))\n#4 \/var\/www\/nextcloud\/3rdparty\/sabre\/event\/lib\/EventEmitterTrait.php(105): call_user_func_array(Array, Array)\n#5 \/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/l" while reading response header from upstream, client: ***REMOVED SENSITIVE INFO***, server: ***REMOVED SENSITIVE INFO***, request: "PUT /remote.php/dav/files/***REMOVED SENSITIVE INFO***/Personal/***REMOVED SENSITIVE INFO***.xlsx HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "***REMOVED SENSITIVE INFO***"

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "13.0.1.1",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "logtimezone": "Europe\/Berlin",
        "installed": true,
        "enable_previews": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "enable_avatars": false,
        "logdateformat": "Y-m-d_H:i:s",
        "updatechecker": false,
        "log_type": "errorlog",
        "logfile": "",
        "loglevel": 2,
        "customclient_desktop": "***REMOVED SENSITIVE VALUE***",
        "maintenance": false,
        "trashbin_retention_obligation": "auto,90",
        "activity_expire_days": 90,
        "preview_max_scale_factor": 1,
        "preview_max_filesize_image": 10,
        "skeletondir": "\/var\/www\/nextcloud\/themes\/***REMOVED SENSITIVE VALUE***\/skeleton",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "php",
        "mail_smtpauthtype": "LOGIN",
        "mail_domain": "***REMOVED SENSITIVE VALUE***"
    }
}

The output of your Apache/nginx/system log in /var/log/____:

***REMOVED SENSITIVE INFO*** - ***REMOVED SENSITIVE INFO*** [13/Aug/2018:15:24:29 +0200] "PUT /remote.php/dav/files/***REMOVED SENSITIVE INFO***/Personal/***REMOVED SENSITIVE INFO*** HTTP/1.1" 503 328 "-" "Mozilla/5.0 (Windows) mirall/2.3.3 (build 1) (Nextcloud)"
***REMOVED SENSITIVE INFO*** - ***REMOVED SENSITIVE INFO*** [13/Aug/2018:15:24:30 +0200] "PUT /remote.php/dav/files/***REMOVED SENSITIVE INFO***/Personal/***REMOVED SENSITIVE INFO***.xlsx HTTP/1.1" 503 328 "-" "Mozilla/5.0 (Windows) mirall/2.3.3 (build 1) (Nextcloud)"
***REMOVED SENSITIVE INFO*** - ***REMOVED SENSITIVE INFO*** [13/Aug/2018:15:24:31 +0200] "PUT /remote.php/dav/files/***REMOVED SENSITIVE INFO***/Personal/***REMOVED SENSITIVE INFO***.xlsx HTTP/1.1" 503 328 "-" "Mozilla/5.0 (Windows) mirall/2.3.3 (build 1) (Nextcloud)"
***REMOVED SENSITIVE INFO*** - ***REMOVED SENSITIVE INFO*** [13/Aug/2018:15:24:32 +0200] "PUT /remote.php/dav/files/***REMOVED SENSITIVE INFO***/Personal/***REMOVED SENSITIVE INFO***.xlsx HTTP/1.1" 503 328 "-" "Mozilla/5.0 (Windows) mirall/2.3.3 (build 1) (Nextcloud)"
2

I don’t use encryption, but your error

multikeydecrypt with share key failed

indicates that it could be related with shared files. In the past there were problems when folders were shared with groups and new users were added. So it helped to unshare and share again this content. In case it is a problem with a user’s personal data, this message is probably unrelated (however check if it is the case, if there is this error, this might be a bug).

For NC 13, there are already newer version that perhaps fixed the bug:

3

@tflidd, thank you for your answer. I am aware of this issue with shared files. However, in this case, it happens with files that have never been shared with anyone. Any other suggestions, may be?

4

Use current version and file bug report if the problem still exists.

5

I have upgraded the NC server to the latest stable version. Unfortunately, the problem persists. A bug report has already been filed (https://github.com/nextcloud/server/issues/10671), but still no answer. This is a serious problem and nobody seems to be willing to help!

1 Like
6

Unfortunately, there are many open issues with server-side encryption. I generally discourage people to use this function as it has limited benefits (except on external storage) and a number of potential problems.

7

What is more unfortunate than the number of open issues with server-side encryption, is the fact that not much is being done to resolve them and I am basing this conclusion on the complete absence of response, from NC’s side, to the issues that I have either opened or taken part in.

Are you speaking on behalf of NC, when you say:

I generally discourage people to use this function as it has limited benefits (except on external storage) and a number of potential problems.

?

Does this mean that the entire NC project has been based on a server-side encryption that has “many open issues” some (or at least one) of which cause users to permanently lose access to their data? Or should one use the featured end-to-end encryption app, which is still in alpha??? To me, it seems that NC are simply not interested in providing support for server-side encryption as they want to move to end-to-end encryption, leaving system admins unbacked.

Also, I don’t believe that external storage is the only reason why one needs to use file encryption. Any system with access to the Internet is by definition insecure. Even if you do trust your storage provider (or even if you are your storage provider), you still cannot trust that your system will not be compromised, and file encryption is one more layer of security, if you want to protect your privacy.

Having said all this, I want to make clear that I do appreciate you being the only one to respond.

1 Like
8

No, it’s just some bad experience I had back some time ago (still under ownCloud). Since then, the code has been reworked and might be much better. I also don’t know how much people use it and how many do actually have problems. My point here is, why use server-side encryption for something it wasn’t designed for at all. In the best case it is useless in the worst case you can get problems you wouldn’t have.

Is something very different and the only efficient way to protect your data against the admin of the server. That’s a great step to give users more control about their data.

Honestly, I’m quite happy that they don’t roll out something in alpha and develop it carefully. Many would like this to succeed much faster.

They support it officially, you get enterprise support for it. And they probably have customers using it. I can’t tell in all cases, why a specific issue gets more attention, there are some very obvious cases but this one I don’t know enough details.

For me it’s more like you hide the key under the flower pot because most burglars only look under the door mat. Or changing the ssh port to something different instead of using key authentication or second factor authentication which really increase security. But since server-side encryption is possible on local storage it should certainly work, it’s up to you to decide.

9

Yes, the encryption code is really problematic and is one of the points where you can only shake your head … for me it starts with the no-go that there are apps provided by the Nextcloud team which don’t work with encryption at all. So it seems to continue to be a second or third thought …
I am running both Nextcloud and ownCloud and must say that ownCloud continues to provide quite some fixes in this area https://owncloud.org/changelog/server/ whereas the Nextcloud team seems to focus on end-to-end encryption only which is now in alpha since ages and therefor unusable for me and my clients. And that even as the encryption developer moved from ownCloud to Nextcloud with the fork.

Besides that the encryption is easy, difficult seems to be the decryption, particularly with large amounts of data … or just try to change the masterkey in Nextcloud when it was compromised for some reason …