I have the problem that one of my users has forgotten his password, so the user reset the password. After logging in, the user gets the message “Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files.” and the user can’t view any of the files. I found that the user can update the private key password in the personal area, but they forgot the old login password, so how can the user gain access to the files? Any ideas?
### Steps to reproduce
1. Create User (or use an existing one)
2. Reset his password
3. Try to log in to the user account and view or download any file.
4. Message: “Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files.” appears.
Is there any way to fix the files for all users and disable the encryption?
### Expected behaviour
Normally it should work fine to reset a user's password and access all files after the login.
### Actual behaviour
He can’t access the files because of an invalid private key.
### Server configuration
**Operating system:** ubuntu / Linux
**Web server:** apache2 2.4
**Database:** mysql
**PHP version:** 7.2
**ownCloud version:** 10.4
**Updated from an older ownCloud or fresh install:** fresh install
**Where did you install ownCloud from:** From official site
**Signing status (ownCloud 9.0 and above):**
**The content of config/config.php:**
```
{
    "system": {
        "updatechecker": false,
        "instanceid": "oclovptb5772",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "3.22.167.108"
        ],
        "datadirectory": "\/home\/ubuntu\/owncloud\/data",
        "overwrite.cli.url": "http:\/\/3.22.167.108",
        "dbtype": "mysql",
        "version": "10.4.0.4",
        "dbname": "owncloud",
        "dbhost": "localhost",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "logtimezone": "UTC",
        "apps_paths": [
            {
                "path": "\/var\/www\/owncloud\/apps",
                "url": "\/apps",
                "writable": true
            },
            {
                "path": "\/var\/www\/owncloud\/apps-external",
                "url": "\/apps-external",
                "writable": true
            }
        ],
        "installed": true,
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "php",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpsecure": "ssl",
        "maintenance": false,
        "singleuser": false
    }
}
```
Log in to the web-UI with an administrator account and click on
‘admin’ -> ‘Generate Config Report’ -> ‘Download ownCloud config report’
This report includes the config.php settings, the list of activated apps
and other details in a well sanitized form.
or
If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder
ATTENTION: Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to diligently
remove all host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.
**List of activated apps:**
Enabled:
- comments: 0.3.0
- configreport: 0.2.0
- dav: 0.5.0
- encryption: 1.4.0
- external: 1.4.0
- federatedfilesharing: 0.5.0
- federation: 0.1.0
- files: 1.5.2
- files_external: 0.7.1
- files_mediaviewer: 1.0.2
- files_sharing: 0.12.0
- files_trashbin: 0.9.1
- files_versions: 1.3.0
- firstrunwizard: 1.2.0
- market: 0.5.0
- notifications: 0.5.0
- provisioning_api: 0.5.0
- systemtags: 0.3.0
- updatenotification: 0.2.1
- user_external: 0.6.0
If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.
**Are you using external storage, if yes which one:** local/smb/sftp/... NO
**Are you using encryption:** yes
**Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/...
With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your ownCloud installation folder
Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM oc_appconfig WHERE appid = 'user_ldap';
Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.