<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body><div>Got it. Thank you.</div><div><br></div><div><br></div><div><div style="font-size:75%;color:#575757">Sent from my Galaxy S®III</div></div> <br>Robin Appelman <icewind@owncloud.com> wrote:<br>On Wednesday 08 August 2012 22:39:53 Niazy Selim wrote:<br>> Robin<br>> <br>> Thank you very much for your reply and for the script. I will try it<br>> tomorrow and let you know. While we are at it, I have a question. Is the<br>> encryption against the plan user's password? Meaning, is it important to<br>> keep the encryption.key file in a safe place? Again, thank you very much<br>> for your response.<br>> Niazy<br><br>A combination of the encryption.key and the users password is used to encrypt <br>the files, so keeping the encryption.key file safe is important.<br><br> - Robin Appelman<br> <br>> Sent from my Galaxy S®IIIRobin Appelman <icewind@owncloud.com> wrote:On <br>Wednesday 08 August 2012 07:32:33 niazy@niazyselim.net wrote:<br>> > Hello All,<br>> > <br>> > I am in the same dilemma as Andreas. I had all my files and my wifes<br>> > files (separate accounts) encrypted in owncloud. Things were working<br>> > well. The server was acting up so I decided to reinstall to a fresh<br>> > Ubunut 12.04LTS. I had my owncloud/data/ on a separate partition on a<br>> > RAID5 disk.<br>> > After resinstall, out of paranoia and to be safe, I copied the data<br>> > first to owncloud/data/ using regular cp command.<br>> > Our passwords are the same. My files are encrypted and I cannot<br>> > decrypted them any more. The encryption.key file is the the original<br>> > one. I wrote a php routine to decrypt the can decrypt the<br>> > encryption.key and I was able to retrieve its salt. For an expirement,<br>> > I encrypted a text file using owncloud and I still cannot decrypt the<br>> > text back. It decrypts in owncloud browser but not using a php<br>> > blowfish routines. I emailed Frank Karlitschek and he was nice enough<br>> > to respond. He said that the salt in the config.conf is used to<br>> > encrypt the password. I looked in the routines and found out that the<br>> > salt is generated in a random fassion. Then we are screwed. I cannot<br>> > believe we encrypt people's data against a random salt and without any<br>> > warning to tell people to copy the salt in a safe place just in<br>> > case????????????<br>> > <br>> > Anyhelp will be greatly appreciated.<br>> > Niazy<br>> <br>> Nothing in config.php is used for encryption, I think the problem is that<br>> with the old database gone, owncloud no longer knows what files were<br>> encrypted.<br>> <br>> I made the attacted script which will set the encryption flag for all files<br>> that would be encrypted using the current settings.<br>> Place the script in your owncloud folder and run it from a browser.<br>> <br>> Using this script might mess up your installation and any files uploaded<br>> before encryption was enabled in the original installation will be<br>> unreadable untill the values in the database are corrected<br>> <br>> - Robin Appelman<br><br></body>