Testing out encryption/decryption

Hi all,

I am very new to the product and, at this point, I am extensively testing it out. So far I am falling in love with it!
One of the key reasons that I want to go with a personal cloud solution is privacy and security, and most of my testing is concentrating around that.
So far, I managed to setup encryption and all works great.
Now, my next step was to test out disaster recovery and I tried decrypting all the files that I already have and followed this article: https://docs.nextcloud.com/server/11/admin_manual/configuration_files/encryption_configuration.html#disabling-encryption

However, when I run occ encryption:decrypt-all
I am getting these messages and files are not getting decrypted:

Disable server side encryption… done.

You are about to start to decrypt all files stored in your Nextcloud.
It will depend on the encryption module and your setup if this is possible.
Depending on the number and size of your files this can take some time
Please make sure that no user access his files during this process!

Do you really want to continue? (y/n) y
prepare encryption modules…

Prepare “Default encryption module”

You can only decrypt the files of all users if the
recovery key is enabled by the admin and activated by the users.

Please enter the recovery key password:

Fetch list of users… finished

starting to decrypt files… finished

Files for following users couldn’t be decrypted,
maybe the user is not set up in a way that supports this operation:

The user ShurikAg is the one and only user in the system (admin). What am I missing? What additional setup needs to be done for the user to allow smooth decryption?

Also, are there any processes and procedures for disaster recovery?


Did you try the command to only decrypt for one user?
sudo -u www-data php occ encryption:decrypt ShurikAg