nextcloud / desktop

💻 Desktop sync client for Nextcloud
https://nextcloud.com/install/#install-clients
GNU General Public License v2.0

Entering E2E passphrase is requested in an endless loop #537

Closed juliusknorr closed 4 years ago

juliusknorr commented 6 years ago

When I connect an account that has already been set up with E2EE in the past, the client asks for the passphrase. After entering it, the dialog will show up again immediately. The only way to stop it asking for the passphrase is to cancel the dialog, which will lead to no passphrase being stored.

er-vin commented 4 years ago

Hello,

I think this issue might be addressed by PR #1241 so closing for now. Please comment, reopen or create a new issue if that still shows up on 2.6.4 or later.

Regards.

tennox commented 3 years ago

I still encounter this issue on Windows 10, client version 3.1.3.

Never set up e2e and the prompt comes on every startup, very annoying. If I enter some password, clicking the OK button produces a short flash of the window, but nothing happens, only cancel works.

I don't actually want to use e2e.

FlexW commented 3 years ago

@TeNNoX The e2e app might be installed on your server. If this app is installed, then the client generates a passphrase the first time you connect to the server. You would have needed to write down the passphrase that was generated back then. Indeed, the dialog that shows that passphrase is very small and can be overlooked. Now, if you lost that passphrase, the only way to recover is to recreate your account. This is by design.

lorenzo-w commented 3 years ago

@FlexW Well this is just sh*tty design then. I just wanted to try out E2E and not actually use it for encrypting any important files just yet. Now if I do want to use it for real, I have to recreate my entire Nextcloud account??

FlexW commented 3 years ago

@lorenzo-w I understand your problem and I was once bitten by that myself. If it were possible to recreate the passphrase, that would make the e2ee a lot weaker. It's often the case that you have to trade convenience for security.

lorenzo-w commented 3 years ago

@FlexW Why would it make the E2EE weaker though? All I am asking for is a method of completely resetting E2EE (and of course that means deleting all encrypted files that you'll thereby lose access to) without having to delete the entire account. This adds a lot of unnecessary inconvenience to the user as well as the admin, for which I don't see the security benefit. The user should be able to do with their own account as they please, this includes purging old E2E-encrypted content and setting a new passphrase for future encryption.

PS: I also don't understand why it's not possible to delete E2EE folders via the web interface. Deleting a resource does not require being able to read it.

er-vin commented 3 years ago

> All I am asking for is a method of completely resetting E2EE (and of course that means deleting all encrypted files that you'll thereby lose access to) without having to delete the entire account.

This would be more something for the server side though. The client can't do much about this.