ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Nextcloud AMA!!

    Scheduled Pinned Locked Moved IT Discussion
    nextcloudstorageama
    140 Posts 16 Posters 34.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • LukasReschkeL
      LukasReschke Vendor
      last edited by

      Hey there!

      My name is Lukas, I have been contributing to the ownCloud/Nextcloud code since 2012. Which in conclusion means that I am responsible for many of the security hardenings and features in the code. So if you ever saw an annoying security warning such as the "Trusted Domain Warning", then you can probably blame me for this πŸ˜‰

      Before I worked as security assessment and forensic investigator. Which means reviewing security, giving trainings and dealing with breaches at Fortune 500 companies. Personally, I do however believe that I have a way bigger impact by helping securing one of the most fascinating open-source projects out there.

      I happen to live in Switzerland, which probably shows you how distributed the Nextcloud team actually is πŸ™‚ And because Jos just asked for it a few minutes ago: My favourite color is certainly "pink", my first pet was named "Dieter" and my mothers maiden name is "MΓΌller". Figure if that helps you answering the password reset questions πŸ˜‰

      Cheers
      Lukas

      1 Reply Last reply Reply Quote 1
      • DashrenderD
        Dashrender
        last edited by

        Have you heard of SQRL authentication and have you investigated including it?

        LukasReschkeL 1 Reply Last reply Reply Quote 1
        • Frank KarlitschekF
          Frank Karlitschek @IRJ
          last edited by

          @IRJ Yes. There is the External Storage app that can do that. So far there is no connector for Box or onedrive. But this should be relatively easy to do. Maybe someone in the community is interested in doing this as a first contribution? πŸ™‚

          1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @jospoortvliet
            last edited by

            @jospoortvliet said in Nextcloud AMA!!:

            Probably because so many people and companies and governments (!) still put their data at some random company and that scares me. I think we should control our data and I want to help citizens & organizations get there πŸ˜‰

            Can you expand upon what you mean by this?

            jospoortvlietJ 1 Reply Last reply Reply Quote 0
            • Frank KarlitschekF
              Frank Karlitschek @IRJ
              last edited by

              @IRJ Yes. There are always big and cool new features coming. πŸ™‚ Actually the Nextcloud community is more active then ever. But it's not clear yet which features make it into the next major version. So we have to wait until the first beta is done. πŸ™‚

              IRJI 1 Reply Last reply Reply Quote 0
              • dafyreD
                dafyre
                last edited by

                Are there any considerations for 2FA?

                LukasReschkeL 1 Reply Last reply Reply Quote 0
                • LukasReschkeL
                  LukasReschke Vendor @Dashrender
                  last edited by

                  Have you heard of SQRL authentication and have you investigated including it?

                  I happen to have heard about it but we didn't look into that. In terms of authentication, at the moment we're working on actively improving our SSO plugin which now also supports Kerberos for example.

                  As Nextcloud is quite modular adding another authentication module via API should be quite easy. If you're interested in adding support SQRL authentication and have some PHP knowledge, I'd recommend to join us on help.nextcloud.com in the developers forum or on IRC #nextcloud-dev in Freenode.

                  DashrenderD 1 Reply Last reply Reply Quote 1
                  • Frank KarlitschekF
                    Frank Karlitschek @Dashrender
                    last edited by

                    @Dashrender Not sure what you mean? A way to safe into Nextcloud directly from the Office Safe Dialog? This is of course possible. Just safe in a specific folder that is then synced to the server with the Desktop Client. Is this what you mean? πŸ™‚

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • jospoortvlietJ
                      jospoortvliet Vendor @IRJ
                      last edited by

                      @IRJ said in Nextcloud AMA!!:

                      Are nextcloud downloads exceeding owncloud downloads yet?

                      we actually don't have solid numbers. Part of that is due to packages already in a few distributions, part because we don't track that stuff too closely... That was similar at ownCloud so it is very hard to compare, even if I had recent numbers.

                      What I can see is that the numbers we DO have grow nicely, with January being almost 10% more than December last year... But it fluctuates quite a bit.

                      1 Reply Last reply Reply Quote 0
                      • Frank KarlitschekF
                        Frank Karlitschek @RojoLoco
                        last edited by

                        @RojoLoco As a server OS? We tried to do this in the past but PHP on Windows is just not very good. So the recommended way is to run a Linux VM on the Windows Server. This works fine. πŸ™‚

                        IRJI DashrenderD 2 Replies Last reply Reply Quote 1
                        • LukasReschkeL
                          LukasReschke Vendor @dafyre
                          last edited by

                          Are there any considerations for 2FA?

                          @dafyre We've already added support for 2FA support in our latest major release. We officially support hardware two-factor auth using U2F and TOTP. See https://apps.nextcloud.com/?order_by=name&ordering=asc&is_featured=true.

                          1 Reply Last reply Reply Quote 2
                          • IRJI
                            IRJ @Frank Karlitschek
                            last edited by

                            @Frank-Karlitschek said in Nextcloud AMA!!:

                            @RojoLoco As a server OS? We tried to do this in the past but PHP on Windows is just not very good. So the recommended way is to run a Linux VM on the Windows Server. This works fine. πŸ™‚

                            Paying for a Windows license defeats the purpose of Open Source anyway πŸ™‚

                            Not to mention that windows servers eat resources.

                            1 Reply Last reply Reply Quote 0
                            • FATeknollogeeF
                              FATeknollogee
                              last edited by

                              There does not seem like an easy way for a Windows user to setup & use Nextcloud.
                              Can you comment on this?

                              Frank KarlitschekF dafyreD DashrenderD 3 Replies Last reply Reply Quote 0
                              • DashrenderD
                                Dashrender @Frank Karlitschek
                                last edited by

                                @Frank-Karlitschek said in Nextcloud AMA!!:

                                @Dashrender Not sure what you mean? A way to safe into Nextcloud directly from the Office Safe Dialog? This is of course possible. Just safe in a specific folder that is then synced to the server with the Desktop Client. Is this what you mean? πŸ™‚

                                While what you explained is possible, that sync client puts all the files at risk of a cryptoware attack.

                                What I am specifically looking for/asking about is an API that plugs-in to MS Office to save directly to the server without the sync client, like MS Office has for Sharepoint. Access through an API like this significantly reduces the ability of cryptoware to affect the files through this avenue.

                                Frank KarlitschekF JaredBuschJ 2 Replies Last reply Reply Quote -1
                                • JaredBuschJ
                                  JaredBusch
                                  last edited by

                                  With almost all software I am a heavy propoent of the repo based model because it drastically simplifies things for the administration side of the house.

                                  I know I can log into every single system and yum update or apt-get update and be done.

                                  I can also be very confident that it will always just work.

                                  With NextCloud, you have decided against doing a repository based model and have an auto updater.

                                  Why is this being done this way? What possibly administration benefit do I gain from it?

                                  LukasReschkeL 1 Reply Last reply Reply Quote 1
                                  • Frank KarlitschekF
                                    Frank Karlitschek @FATeknollogee
                                    last edited by

                                    @FATeknollogee On Nextcloud.com you can download fully configured VMs. Should be easy to run. πŸ™‚

                                    scottalanmillerS 1 Reply Last reply Reply Quote 1
                                    • DashrenderD
                                      Dashrender @LukasReschke
                                      last edited by

                                      @LukasReschke said in Nextcloud AMA!!:

                                      Have you heard of SQRL authentication and have you investigated including it?

                                      I happen to have heard about it but we didn't look into that. In terms of authentication, at the moment we're working on actively improving our SSO plugin which now also supports Kerberos for example.

                                      As Nextcloud is quite modular adding another authentication module via API should be quite easy. If you're interested in adding support SQRL authentication and have some PHP knowledge, I'd recommend to join us on help.nextcloud.com in the developers forum or on IRC #nextcloud-dev in Freenode.

                                      I'm not a coder at all, so I would be of little to no help here πŸ˜‰

                                      The principals behind SQRL pretty much get us away from usernames and passwords on websites, and also mostly gets rid of the reasons for 2FA (though there is still an argument for 2FA)

                                      1 Reply Last reply Reply Quote 0
                                      • dafyreD
                                        dafyre @FATeknollogee
                                        last edited by

                                        This post is deleted!
                                        1 Reply Last reply Reply Quote 0
                                        • Frank KarlitschekF
                                          Frank Karlitschek @Dashrender
                                          last edited by

                                          @Dashrender Another way of doing this is to use WebDAV as a mount and directly safe there.

                                          DashrenderD 1 Reply Last reply Reply Quote 0
                                          • DashrenderD
                                            Dashrender @Frank Karlitschek
                                            last edited by

                                            @Frank-Karlitschek said in Nextcloud AMA!!:

                                            @RojoLoco As a server OS? We tried to do this in the past but PHP on Windows is just not very good. So the recommended way is to run a Linux VM on the Windows Server. This works fine. πŸ™‚

                                            And no licensing issues.

                                            StrongBadS 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 2 / 7
                                            • First post
                                              Last post