Wie schafft man die updater.secret Hürde auf einem all-inkl Server?

🗃️ Hosting providers
1

Welche Schritte sind bei der folgenden Meldung zu unternehmen? Bitte genau beschreiben.

Authentication

To login you need to provide the unhashed value of “updater.secret” in your config file.

If you don’t know that value, you can access this updater directly via the Nextcloud admin screen or generate your own secret:

php -r '$password = trim(shell_exec("openssl rand -base64 48")); if (strlen($password) === 64) {$hash = password_hash($password, PASSWORD_DEFAULT) . "\n"; echo "Insert as \"updater.secret\": ".$hash; echo "The plaintext value is: ".$password."\n";} else {echo "Could not execute OpenSSL.\n";};' Invalid password

2

You can run the given code from command line of your Linux system:

php -r '$password = trim(shell_exec("openssl rand -base64 48")); if (strlen($password) === 64) {$hash = password_hash($password, PASSWORD_DEFAULT) . "\n"; echo "Insert as \"updater.secret\": ".$hash; echo "The plaintext value is: ".$password."\n";} else {echo "Could not execute OpenSSL.\n";};'

For me the output is:


Insert as "updater.secret": $2y$10$CiioqG06g7fZQUJYLgjnt.QLY.Us1YKSTIgPOuV82LH30hnWodL6.
The plaintext value is: AwjiEXiC1f9vJ6+bao3dCdmuqbmS+4V7wWFkszhpeqkIlyMnIEnpazDuWVPJ0iLx

the updater-secret goes into the config-file (that is the hashed value of the password),
and you need to keep the plaintext value and provide it for each update.

3

Or without shell access in a php script:

4

I have the same issue and can’t seem to fix it unfortunately. What am I missing?

So, I have a php file that I run

<?php
$password = trim(substr(base64_encode(mt_rand()), 0, 47));
$hash = password_hash($password, PASSWORD_DEFAULT);
echo "hash: " . $hash . "<br>";
echo "password: " . $password . "<br>";
?>

I go to https://cloud.bar.baz/nextcloud/updater/, it says “Authentication” where you have to put a “Secret” in.

I copy the “hash” value from the php file into the Nextcloud config “updater.secret”.
When I now enter the “password” it says “Invalid password” on nextcloud.
When I update the page, the config file also gets updated with a new “updater.secret” value.

5

Any help, maybe? Please?

6

You have to take the generated value of hash and to insert it into config file, and then on frontend you enter the generated password value.

7

Yes, that’s what I did?