khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-03 02:09:45 +07:00
Code Issues Packages Projects Releases Wiki Activity

add examples for occ encryption commands

Browse Source
This commit is contained in:
Carla Schroder
2016-04-28 13:06:37 -07:00
parent d92a19405c
commit 6b8765b1e1
1 changed files with 37 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
admin_manual/configuration_files/encryption_configuration.rst
View File

@@ -185,17 +185,24 @@ instructions on using ``occ``.
Get the current status of encryption and the loaded encryption module::
occ encryption:status
- enabled: false
- defaultModule: OC_DEFAULT_MODULE
This is equivalent to checking **Enable server-side encryption** on your Admin
page::
occ encryption:enable
Encryption enabled
Default module: OC_DEFAULT_MODULE
List the available encryption modules::
occ encryption:list-modules
- OC_DEFAULT_MODULE: Default encryption module [default*]
Select a different default Encryption module::
Select a different default Encryption module (currently the only available
module is OC_DEFAULT_MODULE)::
occ encryption:set-default-module [Module ID].
@@ -207,19 +214,44 @@ command gives you the option to encrypt all files. You must first put your
ownCloud server into single-user mode to prevent any user activity until
encryption is completed::
occ maintenance:singleuser
Single user mode is currently enabled
Then run ``occ``::
occ encryption:encrypt-all
You are about to start to encrypt all files stored in your ownCloud.
It will depend on the encryption module you use which files get encrypted.
Depending on the number and size of your files this can take some time
Please make sure that no user access his files during this process!
Do you really want to continue? (y/n)
When you type ``y`` it creates a key pair for each of your users, and then
encrypts their files, displaying progress until all user files are encrypted.
Decrypt all user data files, or optionally a single user::
occ encryption:decrypt-all [username]
Move keys to a different folder, either locally or on a different server::
occ encryption:change-key-storage-root
View current location of keys::
occ encryption:show-key-storage-root
Current key storage root: default storage location (data/)
Move keys to a different root folder, either locally or on a different server.
The folder must already exist, be owned by root and your HTTP group, and be
restricted to root and your HTTP group. This example is for Ubuntu Linux. Note
that the new folder is relative to your ``occ`` directory::
mkdir /etc/keys
chown -R root:www-data /etc/keys
chmod -R 0770 /etc/keys
occ encryption:change-key-storage-root ../../../etc/keys
Start to move keys:
4 [============================]
Key storage root successfully changed to ../../../etc/keys
Create a new master key. Use this when you have a single-sign on
infrastructure. Use this only on fresh installations with no existing data, or