Server-side encryption & file sharing

hi folks,

encryption is covered in the admin manual

unfortunately, it doesn’t go into detail on how the file-sharing works with enabled
server-side encryption. so basically, encryption is done by
file-specific encryption keys plus the user's password. yet, the
manual states that file sharing works, even if encryption is enabled
(though the users might have to re-share files & folders after
encryption was enabled). how this is done - i don’t know. maybe someone
can help here!?

nevertheless there seem to be some problems with file-sharing &
activated encryption. i’m on nextcloud 10.0.1 and activated encryption.
individual users had access to their own files, yet shares were not
readable by the users/groups they were shared with. i just couldn’t get
it to work. i tried the following things (every time the files were not
readable by the recipient):

  • activate encryption, share files after that with pre-existing users who logged out/in after enabling encryption

  • creating new users after activating encryption

  • creating an admin recovery password for encryption (after which i repeated the first two experiments)

nonetheless, filesharing didn’t work. maybe i did something wrong in
the process? if so — there is — in my opinion, a huge need for an updated
(more into detail) manual for encryption, especially for filesharing.
right now, i deactivated server-side-encryption, because filesharing is the
top priority for my users. even though everyone using my server
(including myself) would highly appreciate the added security of
server-side-encryption.

so, my questions are:

  1. how does file-sharing with enabled default server-side-encryption work?
  2. why didn’t it work for me?

Hello,

You have not specified whether you are encrypting data on third party servers, like Dropbox, or your own local server.

Local shares should work exactly the same way non-encrypted shares work. If you are having issues with local shares, could you provide some more information?

1: How are you sharing? Links? Direct user shares? Groups?
2: What errors are you receiving?
3: Is there anything in the nextcloud.log file? Set the log file to debug first.

Can you supply screenshots of a share setup?

Server side encryption provides absolutely no increase in security when dealing with local files. If you’re not encrypting data at third party services, then you should leave encryption disabled entirely.

hi there,

thanks for the quick reply.

  • it was encryption on my own local server (not third party servers)

  • local shares do work if encryption is not enabled

  • sharing was done via direct user shares and group shares

nextcloud.log showed me mainly this error:

“Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.”

unfortunately even resharing (or sharing between the newly created test-users) did not work. when trying to download files, the browser gave me a 503 error. when trying to download folders, i got a corrupted zip file. when clicking on an image, nextcloud showed me the error: “Could not generate preview of this file. […]”

so afaik it is a problem with decrypting by users who are not the owner of the file (even after re-sharing).
(is encryption/decryption only done by keyfiles or by keyfiles plus the users' passwords?)

well my idea was actually, that i’d have at least some increased security if someone had physical access to the harddrive(s), without needing to do something like a LUKS encryption on a lower level.

Can you try a simple test. As user1, create a new folder with a plain text file in it. Then share that folder directly to user2. Is user2 then able to access that share?

Keep in mind the encryption keys are stored in plaintext. Thus anybody with access to your hard drive has access to the decryption keys for your files. Encrypting the data disk that Nextcloud resides on is a better idea for local security.

well, that’s exactly what i tried. user2 was not able to access that share. (yet it can’t be a permissions issue for apache because the owner can still read the files/folders) … hmm

but for now i think i’ll follow your advice and will switch to disk encryption, even though that can be quite a nuisance when the server needs a reboot or there is a power outage, because i’ll have to provide the decryption passphrase every time before the harddrive can be mounted.

They should be protected with the user password, so if you get your hands on the offline disk you still need the passwords. A special sharing key will be created when you share a file. But it only works with users that are already on the system and have a key at the time of the share. Or you have to reshare the folder. The problem in terms of security is that during your access, the files will be decrypted and someone with access to your server can change the code to get the passwords. There is little benefit on the local file system and you have a lot of problems with the encryption app. LUKS would also protect your offline disk and is completely transparent for Nextcloud.
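A simplified model of the key handling described in the reply above, added here as an illustration; it is not part of the original posts and not Nextcloud's code. The toy Diffie-Hellman group, the XOR-based wrapping and all function names are assumptions chosen so the example runs with the Python standard library only.

```python
import hashlib, secrets

P, G = 2**255 - 19, 2  # toy Diffie-Hellman group for illustration, not real-world crypto

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def h(tag, data):
    return hashlib.sha256(tag + data).digest()

def pw_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

def new_user(password):
    """Create a key pair; only the public key and the password-wrapped private key are stored."""
    priv = (secrets.randbelow(P - 2) + 1).to_bytes(32, "big")
    salt = secrets.token_bytes(16)
    return {"pub": pow(G, int.from_bytes(priv, "big"), P), "salt": salt,
            "wrapped_priv": xor(priv, pw_key(password, salt)), "check": h(b"chk", priv)}

def unlock(user, password):
    """Recover the private key at login; fails without the right password."""
    priv = xor(user["wrapped_priv"], pw_key(password, user["salt"]))
    if h(b"chk", priv) != user["check"]:
        raise PermissionError("wrong password: private key stays wrapped")
    return int.from_bytes(priv, "big")

def wrap_for(file_key, pub):
    """Share key: the file key wrapped so only the holder of pub's private key can open it."""
    eph = secrets.randbelow(P - 2) + 1
    return pow(G, eph, P), xor(file_key, h(b"wrap", pow(pub, eph, P).to_bytes(32, "big")))

def unwrap(share_key, priv):
    eph_pub, wrapped = share_key
    return xor(wrapped, h(b"wrap", pow(eph_pub, priv, P).to_bytes(32, "big")))

def store(data, owner, users):
    """Encrypt data under a fresh file key and write a share key for the owner only."""
    file_key = secrets.token_bytes(32)
    body = xor(data, hashlib.shake_256(file_key).digest(len(data)))
    return {"body": body, "share_keys": {owner: wrap_for(file_key, users[owner]["pub"])}}

def share(f, owner, owner_priv, recipients, users):
    """Write a share key for each recipient that already has a key pair; return those skipped."""
    file_key = unwrap(f["share_keys"][owner], owner_priv)
    for r in (r for r in recipients if r in users):
        f["share_keys"][r] = wrap_for(file_key, users[r]["pub"])
    return [r for r in recipients if r not in users]

def read(f, name, priv):
    if name not in f["share_keys"]:
        raise LookupError(f"no share key for {name}: owner must re-share")
    file_key = unwrap(f["share_keys"][name], priv)
    return xor(f["body"], hashlib.shake_256(file_key).digest(len(f["body"])))
```

In this model a recipient who had no key pair when the share was made gets no share key, so `read` fails for them until the owner calls `share` again, and nothing stored on disk opens a file without a user's password.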

thank you tflidd!
that’s exactly the information i did not get by reading the admin manual on encryption and sharing.
i’ll keep your reasoning in mind and will stick with full disk encryption.

thanks and appreciation to both of you. gotta love the nextcloud community :heart_eyes: