Understanding Nextcloud encryption better

I’m trying to better understand how encryption is handled in Nextcloud, to identify any weak spots in my setup. I am running Nextcloud AIO Docker (currently v.7.5.1). I host this on a Linode, where data is stored on one block storage and I use another block storage for the Borg backup.

Please also let me know if any of the questions are based on a misunderstanding of how anything works, I need to learn this better.

  1. I have server side encryption enabled through the default encryption module. I have also enabled home storage encryption. Exactly when and where is the data encrypted and decrypted? Is it on login/logout? How does that work with clients that are continuously logged in, like on the mobile app? I assume since it is server-side, that the data is decrypted on the server before being sent to my client. But is it on a demand basis? I.e. I ask for access to a folder, that folder is decrypted on the server and transferred via HTTPS to my device?

  2. If someone gained access to the VPS as my sudo user, would all they could see of my data be gibberish without the encryption key? I read on the Encryption-page of Nextcloud-site the following: “Server Side Encryption can also be used on local storage. However, inherent to the concept of server side encryption, encryption keys will be present in memory of the Nextcloud server during the time a user is logged in and could be retrieved by a determined attacker.”. How determined would they have to be? Would it be considered difficult to get a hold of the key from memory? I don’t think I am a very valuable target for resource-heavy attacks, but if this is trivial I would be more concerned.

  3. The Borg backup encryption is not in any way connected with the server side encryption? So that the encryption key is not the same?

  4. The AIO-dashboard is only available from a logged in session? Seeing as the Borg backup encryption key is shown in plain text there I mean.

Server side encryption is intended for external storage mounts afaik.

“Its main purpose is to encrypt files on remote storage services that are connected to your Nextcloud server.” See here for documentation

If someone gains access as sudo they will have unlimited access to your data and server to do anything they please.

Having sudo access means I am literally in there with keys in-hand, which means all attack vectors are open for me to attempt. Real life equivalent would be someone with your car keys in-hand, getting in and driving away as any owner would. Hope that helps understand what sudo privileges mean.

That depends on how you manage your login system. My .02 is:

  • Two factor over totp
    • Require all users to use it.
  • Create a user account for yourself that is not your admin account.
  • Fail2ban or a similar system to auto-ban continuous failed login attempts.
  • If you don’t need your server public, route through a VPN like WIreguard or Tailscale.

@wolframautomaton I think this is not truly about encryption and much more about understanding how to protect yourself online. Nextcloud has proven it can be public facing, but you will need to set up hardening to protect yourself and your users. :heart:

Thanks for your answers :slight_smile:

I also read something similar in an older blog post, but since I found the Home storage encryption option, I assumed there would be a point to enabling it:

Enabling this option encrypts all files stored on the main storage, otherwise only files on external storage will be encrypted

And the point being related to the below:

I have folders on my laptop that is encrypted, which cannot just be decrypted because someone gains sudo access to my laptop. I was under the impression that the server side encryption achieved something similar, i.e. encryption that relied on something external (my user password) to decrypt. But this is false?

I do have 2FA enabled for my user, but I have some “dummy” users with no access to my files, that I use for e.g. GPodder synchronization. Is such a user a risk?

I do have a user account for myself, but that has admin privileges. I guess this is mostly from laziness and not wanting to switch accounts when doing any admin work.

I attempted to set up fail2ban, but I was unable to get it to work with the AIO. It seemed to be setup correctly, but IPs were not banned from several failed attempts. I never figured out how to set it up properly. I don’t see any failed login attempts in my logs though, which I hope is an indication that it is left alone.

Hehe, yeah, and I am trying my hardest to learn this as well as possible. But in the case there is a breach of some sort, I am hoping to have additional safeguards in place to not lose my data :slight_smile:

Do you mean full disk encryption? In the case of veracrypt, it would only encrypt at rest before mounting. This is good for someone who steals your physical server or hard disk. Or for someone accessing your shares from a remote system, but not for someone with sudo access within your server.

If someone is logged into your system as sudo (and veracrypt is mounted) they have already bypassed home encryption. To be fair, that would be unlikely.

If you are worried about them you can always add two factor for general safety, or simply generate a one-time password for gpodder access under your security settings on the top right menu.

It is correct, but you specifically asked about someone who had sudo access to your machine: That would be the kiss of death, otherwise server side encryption can encrypt your remote shares from randos.

fwiw, I don’t personally find server side encryption useful at all, but home encryption / full disk encryption / folder encryption from veracrypt all make sense.

This is what the option for server side encryption says, so I am not sure what it actually means.

I still don’t know if I fully understand this, which is my main goal here - to actually understand what is going on.

Anyone can having sudo access to my laptop will still not be able to access all my files. My drives are encrypted, and of course that encryption is breached (similar to your Verycrypt example), but I have certain folders encrypted on top of that which no one will have access to unless they have my encryption password (or successfully can brute force it).

If someone would ssh into my VPS as a sudo user (I don’t think this will be very likely, but still), by which mechanism would they be able to decrypt the files? From what I read that I posted above regarding decryption keys stored in memory, my first guess would be this, which is why I was wondering how easy it is to do so once you have gained access to the server. Or is everything decrypted every time a client is synchronizing against the server, so they can just wait for that to happen and grab the files while they are decrypted somewhere (and where would that somewhere be?)?

What about user management? I believe the encryption password is my login password (or connected at least), right? Can you, if you are logged in from a sudo user, change the password of my user and thus also change the encryption password and gain complete control over it? If so, I understand why it is game over at this point.