Server-side encryption, after decrypt-all all data destroyed

DrMartinMR · January 17, 2024, 7:06pm

Support intro

I’m really upset about Nextcloud’s promoted server-side encryption. After losing multiple files after sharing and updating, I disabled server-side encryption. But before that, I decrypted all files using occ encryption:decrypt-all without any error. I disabled server-side encryption.

Since then, every file has been corrupt. I had and provided the admin resecure password. head -c27 x.y returns HBEGIN:oc_encryption_module for all files

I do NOT have access to all my family and friends’ Nextcloud credentials; that’s why setting up a new Nextcloud is actually not an option.

What can I do? I’m using NextCloud since I upgraded it from my ownCloud very early.

Nextcloud version: 27.1.2

Operating system and version: Plesk: chrooted; Linux

Apache or nginx version: Plesk: Apache+nginx

PHP version: 8.2.12

Is this the first time you’ve seen this error?: N

Steps to replicate it:

Run sudo -u www-data occ encryption:decrypt-all
Optionally repeating Nextcloud says “Server side encryption not enabled. Nothing to do”.

But in fact, all files are still encrypted.

I have a backup before the decryption, and that works fine; files are encrypted and can be used normally, but I like to have a stable Nextcloud running decrypted.

yahesh · January 20, 2024, 1:41pm

You could have a look at the encryption-recovery-tools to decrypt your files. In the last couple of months even the support for very old encrypted files was added.

jtr · January 20, 2024, 3:19pm

Can you share more details about your environment?

output of occ config:list system
output of occ app:list
Are you encrypting home directories or just external storage mounts?
What is your primary storage/data directory (local filesystem, s3, etc)?
Are you using the groupfolders app?
Do you recall if the output of occ encryption:decrypt-all listed all of your users and took awhile?