Recover a damaged / missing / corrupted key file

Given the scenario that the key file in keys is damaged, missing or corrupted. The password for the key is still available.
How would one recover from this?

Welcome to the forum!

That depends on which part of the key file is corrupt. A typical key file looks like this (yes, it’s plain text JSON):

{
  "created": "2019-06-03T19:52:01.053171666+02:00",
  "username": "fd0",
  "hostname": "mopped",
  "kdf": "scrypt",
  "N": 32768,
  "r": 8,
  "p": 5,
  "salt": "QSdoVtl1tcXa2fo[...]",
  "data": "jkj3wuOpjQlBgiz[...]"
}

The most important things (in that order) are:

  1. data (contains the encrypted master keys)
  2. salt (used to derive the keys to decrypt the data field, together with the password)
  3. N, r and p (parameters for the scrypt Key Derivation Function)

If these fields are intact, you can use the password to derive the key for decrypting the data field, which in turn can be used to decrypt all data in the repo. If the parameters for scrypt are missing, it’s still likely you can find them by brute force testing all possible values. But for the rest, if data or salt is missing or corrupt, there’s no way to decrypt the data again. Even if you know the password. “Secure by default” is a double-edged sword 🙂

All the details are documented in our design documentation.

Which part of your key file is corrupt? Or was this a hypothetical question?
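To make the recoverability rules above concrete, here is an added example (not restic's own code, and not from the post) that triages a key file by the fields listed and, when they are intact, runs its scrypt parameters over the password and salt with Python's hashlib. The sample key file is constructed, the 64-byte derived-key length is an assumption taken from restic's design, and decrypting the data field with the result is not shown.

```python
import base64
import hashlib
import json

# Fields a key file must still carry for recovery, in the order of importance given above.
REQUIRED = ("data", "salt", "N", "r", "p")

# Constructed sample: the scrypt parameters are the post's, but "salt" and "data"
# are made-up values, not from any real repository.
SAMPLE_KEY = {
    "kdf": "scrypt", "N": 32768, "r": 8, "p": 5,
    "salt": base64.b64encode(b"constructed sample salt, not a real one").decode(),
    "data": base64.b64encode(b"constructed sample data, not a real encrypted key").decode(),
}
SAMPLE_KEY_FILE = json.dumps(SAMPLE_KEY, indent=2)

def sample_without(*fields):
    """The sample key file as text with the given fields deleted (simulated damage)."""
    return json.dumps({k: v for k, v in SAMPLE_KEY.items() if k not in fields}, indent=2)

def triage(key_file_text):
    """Return (verdict, damaged fields): 'ok', 'bruteforce' (only KDF parameters lost,
    they can be searched with the known password) or 'unrecoverable' (data/salt gone)."""
    try:
        key = json.loads(key_file_text)
    except ValueError:  # truncated or garbled JSON: treat every field as lost
        return "unrecoverable", list(REQUIRED)
    missing = [f for f in REQUIRED if f not in key]
    for f in ("salt", "data"):  # present but mangled base64 is as bad as missing
        if f in key:
            try:
                base64.b64decode(key[f], validate=True)
            except ValueError:  # binascii.Error is a ValueError subclass
                missing.append(f)
    if "data" in missing or "salt" in missing:
        return "unrecoverable", missing
    return ("bruteforce" if missing else "ok"), missing

def derive_key(key_file_text, password, dklen=64):
    """Run the key file's scrypt parameters over password + salt. dklen=64 is an
    assumption from restic's design (split into encryption and MAC keys); decrypting
    the "data" field with the result is not covered here."""
    key = json.loads(key_file_text)
    return hashlib.scrypt(password.encode("utf-8"), salt=base64.b64decode(key["salt"]),
                          n=key["N"], r=key["r"], p=key["p"], dklen=dklen,
                          maxmem=128 * 1024 * 1024)  # N=32768, r=8 needs >32 MiB, OpenSSL's default cap
```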

Thank you very much for your fast and detailed reply!

Actually, the key file of a repository got accidentally deleted. I’ve read several threads and issues where damaged repositories were discussed but didn’t find information about deleted/damaged key files.

This is not an issue so far but raised the question about backing up config and key files. Is this regarded as best practice and should this subsequently be addressed in the docs?