Quantcast

Lingering Encryption 1.0 files

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Lingering Encryption 1.0 files

Alex Jordan
Greetings, all!

I've recently rediscovered some files on my server which are encrypted
and shouldn't be. I thought this issue was gone, but apparently not.

Here's the story: I originally installed ownCloud 7 on my
server. Sometime thereafter I enabled encryption (pretty sure I set a
master password too, which I remember) and eventually (on the oC 8
upgrade? I can't remember) performed that incredibly long key
migration upgrade that everyone was filing issues about - not sure if
that completed 100%, but I think it did. Pretty soon after that I
disabled encryption. However, it's unclear to me as to whether the
decryption process ever actually finished, as I started it in a
browser which subsequently got closed or timed out, etc. I seem to
recall initiating the process multiple times, assuming that it had
timed out.

I can't remember the details as well at this point, but I *believe* I
eventually gave up and reenabled encryption. When the ownCloud with
Encryption 2.0 came out, I upgraded to that, migrated my keys, and
disabled encryption entirely. (That being said, I don't remember that
well, so the details in this paragraph may be incorrect.)

Today I tried to access some files in the desktop client, and got
"Internal Server Error" and "Connection closed," etc. Checking the
ownCloud log showed messages like the following:

    Exception: {"Message":"HTTP/1.1 503 Encryption not ready: Module with id: OC_DEFAULT_MODULE does not exist. [...remainder snipped]

Upon seeing this I enabled the default encryption module (which
prompted me to run upgrade routines, which I started in the web
interface but stopped and restarted on the CLI) and tried again. This
yielded log entries similar to the following:

    Exception: {"Message":"HTTP\/1.1 503 Encryption not ready: Private Key missing for user: please try to log-out and log-in again [...remainder snipped]

So, I logged out and logged back in again. This didn't really have any
effect, as one might expect given the mess that encryption is in on my
system. :(

I figured there would've been keys left over that were never properly
migrated, so I ran `occ encryption:migrate`, but after a while
realized that that might be doing more damage, so killed it. Perhaps
not the best response, but that's what happened.

`occ encryption:status` gives:

    - enabled: false
    - defaultModule: OC_DEFAULT_MODULE

I have backups at the following points in time:

* Before disabling encryption (I *think* the very first time, if not the second - not quite sure as I didn't specify in the backup name)
* Right before upgrading from 8.1 to 8.2
* Ditto for 8.2 to 9.0
* Right after I reenabled the default encryption module, today, on
  9.0.4

I would *seriously* appreciate it if someone could help me sort out
the complete mess I've described above.

Thanks,

Alex Jordan (AJ)

_______________________________________________
User mailing list
[hidden email]
http://mailman.owncloud.org/mailman/listinfo/user

signature.asc (949 bytes) Download Attachment
Loading...