Restoring encrypted files

PiTower · September 6, 2024, 8:30pm

I had to reinstall Nextcloud 29 on my RaspberryPi due to a Hardware-Crash on my USB-Stick… After reinstalling, I recognized that some files could not be opened due to encryption issues on my HDD. This is also valid for the signature pictures of Nextcloud, as you are able to see on the Header copy -below. How can I restore the files, which I am not able to open currently.

HBEGIN:oc_encryption_module:OC_DEFAULT_MODULE:cipher:AES-256-CTR:signed:true:useLegacyFileKey:false:encoding:binary:HEND--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\~¶bªEºS(Õò‰ÁñE	Q¶ƒmÛa¢eN‹å,b#F4ãlø©îj÷Ï»Þ¿í¦€M±ú³¹\`õbñd\~8}táŽ—ç°ž¿âá“ªd'¬<Ç&ÝLî°ï%×È„±/Dlê	\~ôÌÇçÆÃ%é¯ûCþ#Ñò³C8¾fÅ@Æ
ËÃ¬é<¨}F6“ˆ×XÚPwKüXŸ¯"X¼ÖIÀ˜-È’‡ë¨±“Ä>3õÈä}µTGIfÚó¦ªF‘·¼òçæhßÅe—p<U—‘£¢‡Ž¹ýäH²¯AuÁŸ0iæÕyUœYÅÍ=qÖ"jøŽ6¸•õ9¤½AÜH5QåõµñóÜ{ê-ˆo½+I|÷Üí€‘\[ì8¸."˜7î£ÝÅEPŠ",{%ï¸$˜)ø´,$ón?=ªêz6¡Lo®éù´ãáûaÝ"´éJþÑ°†Sz È.ce�H5jjÎ+þ
ÌÕ·:"4t„|¦ø³ƒaáÉ}
'š›få\[ì°Ëz\_}RC$ié1lzá.æêxm‘¨&¯00iv00ÑJznö·½ðaèTÎúW:V00sig0006a9359367703b6edaf610ebcdd9ce1850390f5cf5d429766be3b991d4c7af92xxx

jtr · September 6, 2024, 8:46pm

A standard restore should have been sufficient.

Did you restore your instance or build a complete new one?

Did you perhaps only restore your files, but not your config and database?

Restore: Restoring backup — Nextcloud latest Administration Manual latest documentation

PiTower · September 7, 2024, 9:13am

I restored it from a Backup, which was Nextcloud 28 and updated it afterwards to Nextcloud 29.

jtr · September 7, 2024, 2:25pm

By “it” do you mean just the contents of data/ or did you also restore your config.php and database? The former is particularly important if using encryption.

PiTower · September 7, 2024, 2:49pm

Sorry, I meant I restored it from an Image-File which I made 4 weeks before, and renewed then the Database with an occ command: ```
sudo -u www-data php occ files:scan --all

wwe · September 7, 2024, 8:16pm

as long you still have access to your backup restore is possible using GitHub - nextcloud/encryption-recovery-tools: This project contains tools to recover files that have been encrypted with the Nextcloud End-to-End Encryption or Nextcloud Server-Side Encryption.

PiTower · September 8, 2024, 8:10am

I am going to try this - Thank you! probiere ich mal aus - Danke → muss ich beide Skripte laufen lassen (end to end, server side)?

PiTower · September 8, 2024, 2:55pm

I do not understand the concept of recover.php, since this isn’t an executable file and it is not possible to call it via. the browser within the directory./server-side-encryption.

PiTower · September 8, 2024, 5:44pm

To be honest, it can’t be true that you lose the files you wanted to back up because Nextcloud can’t get to grips with the encryption - decryption - encryption issue… I lose my data because after a hardware crash at administration level Nextcloud is no longer able to read the data on the HDD via an image file backed up installation…

wwe · September 8, 2024, 7:34pm

nobody can tell you why it doesn’t work - likely your backup strategy failed. so far an important learning - each backup is only as good as your restore process - this must be evaluated regularly and not only in case of disaster. in general you might not fully understand the goal of server encryption - please familiarize yourself with the tools your are using.

regarding the tools - they come with a comprehensive guide and many people successfully recovered files in the past. RTFM please!

jtr · September 8, 2024, 10:35pm

What, precisely, did your “image” backup contain?

In Nextcloud there are multiple bits of “data” that are all important to back up:

Contents of your configured datadirectory (what most people think of as their “data”)
Contents of your config/ folder
Contents of your chosen database

If you had to run occ files:scan after your restore I’m concerned you didn’t have all the elements covered.

PiTower · September 9, 2024, 8:32am

Sorry if I exaggerated my previous answer. I am going to try it further with recover.php. The Image File contained a copy of the Nano-SD-Card with the Nextcloud Installation and all adjustments to access the HDD.

PiTower · September 9, 2024, 6:02pm

…so far so good: I have provided my secret, my user password and my instance-id → NC_Admin is the target directory, Nextcloud-Admin is the source. here are the results:
ubuntu@ubuntu:~/encryption-recovery-tools/server-side-encryption$ php recover.php /media/disk/data/NC_Admin /media/disk/data/Nextcloud-Admin|*

PHP Warning: scandir(/media/disk/data): Failed to open directory: Permission denied in /home/ubuntu/encryption-recovery-tools/server-side-encryption/recover.php on line 1226

PHP Warning: scandir(): (errno 13): Permission denied in /home/ubuntu/encryption-recovery-tools/server-side-encryption/recover.php on line 1226

PHP Warning: foreach() argument must be of type array|object, bool given in /home/ubuntu/encryption-recovery-tools/server-side-encryption/recover.php on line 1227

PiTower · September 9, 2024, 7:01pm

do i have to enable server-side-encryption before running recover.php?

jtr · September 9, 2024, 7:15pm

No.

But based on the error you do have a permission problem at the OS level.

system · December 8, 2024, 7:15pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.