Web-enabled built in encryption

I know all of the standard answers. I know there is E2E support, but it doesn’t work on the web interface. This would be a tremendous boost to productivity. I think it’s a feature everyone wants, but devs don’t want to talk about it and everyone just assumes it’s not feasible. I think it is feasible. What are your thoughts? Light up the phone lines!

There are some providers, such as https://mega.io (sorry not tested), that support client-side encryption in the browser. The problem, however, is that this only works with corresponding JavaScript encryption/decryption libraries and this is seen as a security risk by Nextcloud, and not without good reason.

However, you can take a look at the Nextcloud Secrets app. This enables browser-based client-side encryption. However, this is not comparable to if all E2E-encrypted files were accessible in the browser. It’s more for sharing small secrets like passwords securely.

And here is a text on E2E:

article about E2E in Nextcloud blog:

As these files are no longer available on the server, and thus can not be shared with a public link, accessed in the browser or shared in a chat session, end-to-end encryption is not meant for the majority of data. Instead, it is meant to provide extra protection for your most sensitive information.

I know all of the standard answers. I know there is E2E support, but it doesn’t work on the web interface. This would be a tremendous boost to productivity. I think it’s a feature everyone wants, but devs don’t want to talk about it and everyone just assumes it’s not feasible. I think it is feasible. What are your thoughts? Light up the phone lines!

Well, what are your thoughts?

What is your use case for a server delivered in-browser client for E2EE?

And how does it differ from just using server-side encryption (which already supports access via the browser client just fine)?

No one is assuming anything. Generally development doesn’t occur unless there’s a clear use case, a clearly articulated solution, and the benefits outweigh the work involved.

If you already know all the standard answers then I won’t bother explaining why having the server provide the client code that implements the end-to-end client generally breaks the end-to-end nature of end-to-end encryption. :)

I certainly don’t have all the answers. I can barely manage my home server lol.

I guess my example would be the passwords app. The entries are not encrypted by default, but you can set a password and it encrypts through the web interface. I’m not knowledgeable enough to know if this is a fair comparison, but it seems like it is.

I really don’t want to encrypt everything. In my experience, adding encryption increases the risk of data loss significantly (due to user error, people losing keys).

Right now, I instruct them to use Cryptomator. It’s fine, it works, but you still need the Cryptomator app running locally. It’s just a bit cumbersome and would be nice if the web interface had the function built in. Really, the question could be directed at the Cryptomator team… They probably could write a Nextcloud app for this feature.

Fair enough. So it sounds like your main use case is to be able to selectively encrypt things rather than to encrypt all of your files.

Fortunately, server-side encryption doesn’t require everything to be encrypted. It used to not even default to encrypting your home folder (since its original application was for External Storage). It still asks you if you want to encrypt your entire home folder when you enable encryption, so there’s no need to encrypt everything if you uncheck that option.[1]

One approach that comes to mind for your situation (where you only want to encrypt some data) would be to:

  1. Establish a Local External Storage mount (see the Admin Manual[2])
  2. Uncheck (disable) home folder encryption when you enable server-side encryption
  3. Check Enable encryption on only the External Storage mount you want it to be used with

Everything at this External Storage mount point will be encrypted.

You can also create additional similar mount points if so desired for organizational purposes.

This would use the standard encryption app that implements server-side encryption. That fully functions in the Web UI already.

[1] Encryption configuration — Nextcloud latest Administration Manual latest documentation
[2] Local — Nextcloud latest Administration Manual latest documentation
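
The three steps above, scripted with `occ` instead of the admin UI, as an added example that is not part of the original post. The occ path, web-server user, mount name `/Encrypted` and directory `/srv/nextcloud-encrypted` are assumptions; the script only prints the commands unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Added example: selective server-side encryption via occ (dry run by default).
# Assumptions: occ path, web user, mount name and data directory are placeholders.
set -eu

OCC="${OCC:-sudo -u www-data php /var/www/nextcloud/occ}"
DRY_RUN="${DRY_RUN:-1}"            # set to 0 to actually execute the commands

run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$OCC $*"
  else
    $OCC "$@"
  fi
}

# Steps 1 and 2: create the Local mount, then enable server-side encryption
# with home folder encryption switched off before anything gets encrypted.
setup_selective_sse() {
  mount_point="$1"; datadir="$2"
  run app:enable files_external
  run files_external:create "$mount_point" local null::null -c "datadir=$datadir"
  run app:enable encryption
  run config:app:set encryption encryptHomeStorage --value=0
  run encryption:enable
}

# Step 3: set the per-mount "Enable encryption" option.
# The mount id is reported by files_external:create and files_external:list.
encrypt_mount() {
  run files_external:option "$1" encrypt true
}

setup_selective_sse /Encrypted /srv/nextcloud-encrypted
encrypt_mount "<mount_id>"         # placeholder: substitute the real id
```

With server-side encryption the keys stay on the Nextcloud server, so this protects the files at the mount's backing location rather than data on a server that is itself compromised.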

Yes that is what I’m looking for… A way for my users to selectively encrypt.

Now, having a dedicated folder would work. I already use SMB for the data folder (served by TrueNAS). I mount this in fstab, pointing it to var/www/nextcloud/data so Nextcloud just sees it as a local folder.

I suppose I could set up a separate share and encrypt only that folder. I’ll have to try that out. I would probably have to make a separate dataset for each user though, which would be a bit painful but it may be the best solution right now. Actually a lot more painful as it would require snapshots and backups set up for each dataset.

You may be able to streamline things a bit by using variable substitution in the mount point (i.e. so there’s no need to define all mounts for each user):

https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/external_storage_configuration_gui.html#usage-of-variables-for-mount-paths

Thanks for the replies, everyone.

I enabled E2E encryption for my users. I made a cheat sheet showing how to use it, and stressed multiple times how they must not lose their passwords.

The biggest reason I did this was my servers are in different locations, so people are worried about the physical security of the boxes. I understand that, and it worries me too. If I only do server-side encryption, they’re still relying on me for security. With E2E, it hardly matters if someone physically steals the boxes.

I think the worst that can happen, and someone correct me if needed, is if someone gets access to the servers, they could reset a user’s password, get into their account, and connect the desktop app or android app to see the encrypted files. Obviously, this is always a risk whether you encrypt anything or not.

I also like the E2E because it inherently lets you choose what folders to encrypt. So the only wish I have is to be able to access the files from a web browser, but if I absolutely have to do that at least I can VNC into a computer at home that has the desktop app connected.

That said, people seem to like that you can’t access the encrypted files from the web page. It comforts them knowing if someone doesn’t have their phone or laptop, they can’t see the files.