On Wednesday 08 August 2012 22:39:53 Niazy Selim wrote: > Robin > > Thank you very much for your reply and for the script. I will try it > tomorrow and let you know. While we are at it, I have a question. Is the > encryption against the plan user's password? Meaning, is it important to > keep the encryption.key file in a safe place? Again, thank you very much > for your response. > Niazy
A combination of the encryption.key and the users password is used to encrypt the files, so keeping the encryption.key file safe is important. - Robin Appelman > Sent from my Galaxy SĀ®IIIRobin Appelman <[email protected]> wrote:On Wednesday 08 August 2012 07:32:33 [email protected] wrote: > > Hello All, > > > > I am in the same dilemma as Andreas. I had all my files and my wifes > > files (separate accounts) encrypted in owncloud. Things were working > > well. The server was acting up so I decided to reinstall to a fresh > > Ubunut 12.04LTS. I had my owncloud/data/ on a separate partition on a > > RAID5 disk. > > After resinstall, out of paranoia and to be safe, I copied the data > > first to owncloud/data/ using regular cp command. > > Our passwords are the same. My files are encrypted and I cannot > > decrypted them any more. The encryption.key file is the the original > > one. I wrote a php routine to decrypt the can decrypt the > > encryption.key and I was able to retrieve its salt. For an expirement, > > I encrypted a text file using owncloud and I still cannot decrypt the > > text back. It decrypts in owncloud browser but not using a php > > blowfish routines. I emailed Frank Karlitschek and he was nice enough > > to respond. He said that the salt in the config.conf is used to > > encrypt the password. I looked in the routines and found out that the > > salt is generated in a random fassion. Then we are screwed. I cannot > > believe we encrypt people's data against a random salt and without any > > warning to tell people to copy the salt in a safe place just in > > case???????????? > > > > Anyhelp will be greatly appreciated. > > Niazy > > Nothing in config.php is used for encryption, I think the problem is that > with the old database gone, owncloud no longer knows what files were > encrypted. > > I made the attacted script which will set the encryption flag for all files > that would be encrypted using the current settings. > Place the script in your owncloud folder and run it from a browser. > > Using this script might mess up your installation and any files uploaded > before encryption was enabled in the original installation will be > unreadable untill the values in the database are corrected > > - Robin Appelman _______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
