Re: [owncloud-user] Unstable encryption with "occ encryption:encrypt-all"

Wed, 06 Jul 2016 14:12:01 -0700 

Victor Dubiniuk wrote:
> 1. After enabling encryption all users need to login at least once to
> generate encryption keys. Because a user encryption key is protected
> by the password of this user.
> I'm not 100% sure but I think this might be the case. 
 "occ encryption:encrypt-all" automatically creates encryption keys for
all users:

    ./occ encryption:encrypt-all


    You are about to start to encrypt all files stored in your ownCloud.
    It will depend on the encryption module you use which files get
    encrypted.
    Depending on the number and size of your files this can take some time
    Please make sure that no user access his files during this process!

    Do you really want to continue? (y/n)

    Encrypt all files with the Default encryption module
    ====================================================


    Create key-pair for every user
    ------------------------------

    This module will encrypt all files in the users files folder initially.
    Already existing versions and files in the trash bin will not be
    encrypted.


     %message%
     Create key-pair for user1
     Create key-pair for user2
    [...]

At the end of this process, Owncloud writes a message with the user
passwords used for encryption. Of course this causes the problem, that
the encryption password must be distributed to the users.

    +-----------+----------------------+
    | Username  | Private key password |
    +-----------+----------------------+
    | user1     | password1            |
    | user2     | password2            |
    | ...       | ...                  |
    +-----------+----------------------+

Unfortunately I saw such an summary in a small test, but not in my
bigger test. Maybe the summary would come later, but as I wrote, the
process often stops with errors.

> 2. The master key is a key that allows to decrypt user data for
> administrator in case of emergency. Otherwise user that forgot his
> password will loose all the files.
May be. But what is the difference between the encryption recovery key
(in Owncloud web) and the master key?

Greetings,
Björn

_______________________________________________
User mailing list
[email protected]
http://mailman.owncloud.org/mailman/listinfo/user

Reply via email to