Revoke keys #32
Comments
If you are able to do this on the server, an evil admin could reset the key, set up a new mnemonic and on reshare get the secret files, or? I was thinking about using U2F to identify the user who wants to reset his mnemonic. So clients of users with existing shares to the user could get the U2F public key and verify that the mnemonic reset was requested by the user and not an evil admin? But I'm not sure if it will work in practice. |
Yes, an evil admin could revoke the keys, but then still the can encrypt the files as the keys are stored locally. |
But if I understand it right, then revoking the keys would not help to set up end-to-end encryption again. Right? |
In current implementation a client only asks for keys (stored on server) on the very first time. |
Sorry, I think we are talking about different things right now. I was wondering if an admin could use the revoke function to "steal" the identity of a user. Ask the other users of shares to reshare (he could set up a message looking as if it comes from Nextcloud saying user xyz lost his mnemonic and reset encryption, please reshare if you want him to be able to read the shares) and gain access to files he/she should not see this way. Or would it not be possible to set up a new end-to-end encryption with new keys after the old keys are revoked? And to protect against this I was wondering if it is possible to use the U2F authentication to verify against other devices that the user requested the new setup and not an admin trying to steal the identity of the user. |
On the very first setup we use TOFU (trust on first use), so whoever authenticates with the right credentials can push the keys to the server. But this means that the attacker has access to the user credentials, and the user will notice, as any new client / file will not be decryptable by him. |
So the attacker is the admin, because that's what we need E2E encryption for. Knowing the credentials is not the big problem; he is the admin and has write access to the database and all server files. So the problem, or the point I was wondering about, is using TOFU a second time. I'm not strictly against it, but I think it is a point which should be well thought out, if there is not a better solution. |
I guess we have to keep it this way:
I get your point, but I am unsure how to handle this. |
I see the problem both ways. Or I was thinking of using the user's U2F device to authenticate the user, but this is not an easy way for development. The clients must be able to read the U2F device and add the public key to the encrypted shares. The revoke could then happen with a message signed by the U2F device and could be done by the server. In this case each client could verify that the user and not the server requested the revoke. Maybe a big warning or information on the side of users making a new share that the key has changed would solve the problem, too. |
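The key-change warning suggested in the comment above, sketched as a client-side pin check. This is an added example, not part of the thread and not Nextcloud's code; `TofuPinStore`, `reshare` and the sample keys are hypothetical and constructed for illustration.

```python
import hashlib

class KeyChangeError(Exception):
    """A user's server-supplied public key differs from the one pinned earlier."""

def fingerprint(public_key_pem: bytes) -> str:
    return hashlib.sha256(public_key_pem).hexdigest()

class TofuPinStore:
    """Hypothetical client-side store: user id -> fingerprint of first key seen."""
    def __init__(self):
        self._pins = {}

    def check(self, user_id: str, public_key_pem: bytes) -> str:
        """Pin on first use, accept an unchanged key, raise on any change."""
        fp = fingerprint(public_key_pem)
        pinned = self._pins.get(user_id)
        if pinned is None:
            self._pins[user_id] = fp   # trust on first use
            return "pinned"
        if pinned == fp:
            return "match"
        raise KeyChangeError(f"{user_id}: pinned {pinned[:16]}, server offers {fp[:16]}")

    def accept_new_key(self, user_id: str, public_key_pem: bytes, confirmed_out_of_band: bool):
        """Re-pin only after the sharer confirmed the reset with the user directly."""
        if not confirmed_out_of_band:
            raise KeyChangeError(f"{user_id}: key change not confirmed, not re-pinning")
        self._pins[user_id] = fingerprint(public_key_pem)

def reshare(store: TofuPinStore, user_id: str, server_key_pem: bytes) -> str:
    """Gate re-encrypting a share for user_id on the pin check."""
    try:
        store.check(user_id, server_key_pem)
        return "reshared"
    except KeyChangeError:
        return "blocked"   # surface a warning to the sharer instead of re-keying blindly

def demo():
    # Constructed sample keys; real clients would hold actual public key material.
    key_a = b"-----BEGIN PUBLIC KEY-----\nconstructed-key-A\n-----END PUBLIC KEY-----\n"
    key_b = b"-----BEGIN PUBLIC KEY-----\nconstructed-key-B\n-----END PUBLIC KEY-----\n"
    store = TofuPinStore()
    results = [reshare(store, "alice", key_a)]        # first use: pinned
    results.append(reshare(store, "alice", key_b))    # key replaced on the server
    store.accept_new_key("alice", key_b, confirmed_out_of_band=True)
    results.append(reshare(store, "alice", key_b))    # re-pinned after confirmation
    return results
```

The pin store lives on the sharer's device, so a reset performed on the server cannot silently replace the key the sharer encrypts to.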
What to do if the user's private key is broken? When I log in I get the message "Falscher privater Schlüssel für die Verschlüsselungs-App. Bitte aktualisieren Sie Ihren privaten Schlüssel in Ihren persönlichen Einstellungen um wieder Zugriff auf die verschlüsselten Dateien zu erhalten." I am on 13 beta rc1 and I once tested folder encryption with the iOS app. I can't get rid of the message or reset my private key :-( As I am admin on my instance, I tried many things, but there are no keys stored anywhere. Not in occ encryption:show-key-storage-root nor in my data/myuser/... place. Neither in data/appdata_ ... I do have enabled "default encryption module" and "End-to-End Encryption". |
Currently there is no user friendly way. |
I tested E2EE with the beta desktop client when it was first released a few months ago. Back then I did not save the encryption passphrase because I did not plan to use it productively. Now with the new desktop client 2.5.0 and activated E2EE the client asks me now for the passphrase from back then. The possibility of revoking E2EE keys would be very appreciated otherwise I have to create a new user and move all stuff. |
I am in the exact same situation, tested E2EE on Android a long time ago and the passphrase glitched away from me or something. Long story short, the only passphrase I have stored is incorrect and I can't use E2EE. Is it possible to completely reset E2EE for all my users on my server and start fresh now when it is getting to production readiness? |
Similar problem here: I've enabled the E2E-App and wanted to try it with my Android device, but the Mnemonic never even showed up. Disabling/Enabling the App doesn't work, and unfortunately I don't know how to completely reset the necessary App data. |
I have the same problem. I tested E2E on Android during the early versions of the App. It worked buggy, so I stopped using this feature. Now E2E is stable and released on the desktop, but I can't use it, because I don't know my passphrase / keys anymore. And I use Nextcloud on some cloud provider, so I can't remove my account or reinstall Nextcloud. |
I'm in exactly the same position. Tried the E2EE feature a couple of months ago, unfortunately with my main user account. Turned out to be too buggy, so disabled it again and didn't bother storing the 12-word passphrase. I do have access to the SQL db, so if there is a manual way to reset the keys for this account, this would suffice for me. |
@schiessle what is the plan/status of revoking the keys? |
with unlock ... :) |
I have the same problem. I tested E2E at the first release. At this time it was too unstable for me, especially with the missing feature in the desktop client. Now with the new desktop client version 2.5.0 I do not remember my passphrase I set back then. At every PC start, I'm asked for the passphrase, that's annoying. |
Same problem here. Playing initially with E2EE and didn't save the 12-word passphrase. |
Me too. When I tried to copy the passphrase to keepass on the smartphone I accidentally confirmed the dialogue and the passphrase was gone. I would appreciate a way to reset the passphrase even if the encrypted data would be lost. As far as I can see this shouldn't be a problem since when the passphrase once is set, I can decrypt the folders with that single client. The problem is that without knowing the passphrase I can't access the data (apparently any data, encrypted or not) with any other client. |
@Bromptonaut if you created the passphrase with a recent android app version, you can look it up again in settings (there must be any kind of android's device locking enabled) |
@tobiasKaminsky Thank you for the hint. I couldn't spot a dialogue to display the passphrase in the settings of the Android client V3.2.1., so I updated to V3.3.2. Device locking has always been enabled as you told me. When I now unlock the Nextcloud app with my fingerprint I occasionally (not always) get a dialogue headed "E2E-Mnemonic" but with nothing but empty space below which I need to confirm with OK. Either my passphrase indeed is empty, or it is not displayed correctly (if this is the purpose of that dialogue). I still do not find anything related to the passphrase in the settings. |
@Bromptonaut if you have set up E2E on mobile with an old client, then the passphrase is not stored. |
@tobiasKaminsky Is there any way to reset those passphrases (maybe working directly with the SQL storage)? We have some users who wanted to try out the feature when it was released, didn't play around with it any longer and lost the passphrases... |
@schiessle can you give advice on how to do this manually? |
Same problem. I set up E2E on my phone months ago and forgot the passphrase. Now, my desktop client isn't syncing anymore (I don't know why) and it's asking for the E2E encryption passphrase on every start. |
@davesie there's a workaround by @tobiasKaminsky here: nextcloud/server#9083 (comment)
Tried it, works. |
@Alphakilo thanks for sharing the workaround. Unfortunately this does not work for hosted Nextcloud instances :( |
@Alphakilo : Hi, same problem here (Nextcloud 14 and I replaced it today with the 15.0.2). E2E was stuck in a hell 'ask for mnemonic' loop, or did not sync at all when E2E is active.
delete from oc_filecache where path like '%end_to_end_encryption%';
I don't know if this is the right way, but it worked. It asked me for new mnemonic words. |
Yes please, at least allow the user to revoke their own key. |
PLEASE NOTE: following manual steps are not needed anymore, please use the UI at the user's own settings (/settings/user/security)! See comment below. I recorded my passphrase while setting up E2E on my Android before the client was stable (it seems the passphrase I recorded is not the one that was used to create the key). I didn't pay much attention, but now the desktop client asks for my passphrase every time I start it and I'm tired of hitting cancel each time. For better or worse, with Nextcloud 14 and E2E 1.0.5 it does seem possible to delete keys for a fresh start. @tobiasKaminsky's directions I found a bit vague and @dnclain's approach too drastic (I only wanted to revoke the keys for one user, not for everyone!). So I settled on these steps to revoke the keys for just one user.
I manually ran the cron job ( I restarted my desktop app. It presented me with a new passphrase. I don't have access to my old encrypted folders, but I can create new ones. I didn't share any folders with other users, so I'm not sure what would happen now if I had (would those shares be blindly re-keyed with my new key)? I don't fully understand the intricacies of the Nextcloud e2e implementation, but if possible, I think the desired behavior should be something along the lines of:
I know it's not perfect and many users blindly click through those warnings, but I think it's a reasonable compromise. |
EDIT : issue! Client used is ubuntu 2.6.2git |
If you forget the mnemonic code or you have no client connected to retrieve it, I use these 2 commands from the terminal to delete the user's private and public key
|
@tigernero79 Thanks for the fix! The only change I had to make was spoofing the user agent. You can find a list of accepted user agents here: end_to_end_encryption/tests/Unit/UserAgentManagerTest.php Lines 53 to 87 in 57dd204
|
I would like to reopen this case because it's still really ungrateful as a way to do things. The curl command doesn't work:
the entries in the MySQL database are not accurate anymore
there is no meta-data etc |
I also made the stupid mistake of enabling and then disabling end-to-end encryption without properly saving the passphrase. |
Hi @mjeshurun - If you look in your config file, you'll see a variable called |
Thank you! I was able to find the full appdata_... folder name.
Is there a command I need to run in order to allow permission? |
Try becoming root with: |
That worked :))) |
@jmcclelland regarding #32 (comment) Thanks so much for saving some (including my) asses 👍 Deleted private and public key for one specific user from filecache table and deleted User.private.key as well as User.public.key from server. Restarted desktop client of affected user - and the annoying message has gone. New pair of keys has been created immediately (possibly by cron running in the back meanwhile). Desktop client now also shows mnemonic again (before in broken E2E situation it only showed plain text (nothing)). So far no side effects discovered. |
related PR #305 (!) |
This is now done |
Please note that (tested with NC v27.1.5.1 and E2EE app v1.13.1) there's no username (anymore). So this is
Anyway, one has to delete all |
E2EE can now be reset from the user's settings. There's no need to mess with files and db anymore. |
That's good and bad news. Bad because I spent 1 to 2 hours for nothing... 😆 ...and good of course. Found it at Maybe it's possible for you @jmcclelland to edit your post (#32 (comment)) - which is linked in many places on GitHub, the NC forums, Google, ... - and just add a
|
@bcutter Sorry you had to waste those hours! I just updated my comment as suggested. |
If a user lost the mnemonic he will never be able to use E2E again as there is no restore mechanism nor a way to revoke all keys and start from scratch (with losing all previously encrypted files).
As in #20, I think it should be possible to revoke the keys on the server side.