[Owncloud] Encryption no longer working

niazy at niazyselim.net niazy at niazyselim.net
Wed Aug 8 14:32:33 UTC 2012 

Hello All,

I am in the same dilemma as Andreas. I had all my files and my wifes  
files (separate accounts) encrypted in owncloud. Things were working  
well. The server was acting up so I decided to reinstall to a fresh  
Ubunut 12.04LTS. I had my owncloud/data/ on a separate partition on a  
RAID5 disk.
After resinstall, out of paranoia and to be safe, I copied the data  
first to owncloud/data/ using regular cp command.
Our passwords are the same. My files are encrypted and I cannot  
decrypted them any more. The encryption.key file is the the original  
one. I wrote a php routine to decrypt the can decrypt the  
encryption.key and I was able to retrieve its salt. For an expirement,  
I encrypted a text file using owncloud and I still cannot decrypt the  
text back. It decrypts in owncloud browser but not using a php  
blowfish routines. I emailed Frank Karlitschek and he was nice enough  
to respond. He said that the salt in the config.conf is used to  
encrypt the password. I looked in the routines and found out that the  
salt is generated in a random fassion. Then we are screwed. I cannot  
believe we encrypt people's data against a random salt and without any  
warning to tell people to copy the salt in a safe place just in  
case????????????

Anyhelp will be greatly appreciated.
Niazy



Quoting Andreas Heinlein <aheinlein at gmx.com>:

> Hello,
>
> I have recently set up a private ownCloud instance and enabled the
> encryption app. This worked fine until I think the 4.0.3 update a few
> weeks ago. From then, all encrypted files which are downloaded contain
> merely random data; it looks like they're still encrypted. Unencrypted
> files (Images etc.) can be downloaded and viewed just fine. Updating to
> 4.0.6 did not change anything. Password has not been changed since
> initial setup.
>
> A file 'encryption.key' exists in /var/www/owncloud/data/<user> and is
> readable by the Apache user. Since I have come to the conclusion anyway
> that I no longer need the enryption app: is there any way to manually
> decrypt the files on the server?
>
> Unfortunately, the encrypted files have also been sync'ed over the
> unencrypted ones on my desktop, so I have no clear copy of those files
> left. I have a backup of most of them, but not all.
>
> Thanks for your help,
> Andreas
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud

More information about the Owncloud mailing list