How to retrieve data if the API Key or secret is lost?

I created a tardigrade bucket from Linux (using the Uplink CLI).

During the Uplink CLI setup, I’ve been asked to input my API key and a secret passphrase.
My questions are:

  1. How can I retrieve my data if Iose my API Key?
  2. How can I retrieve my data if I love my encryption passphrase?

I can understand that it’s not possible to retrieve them if I lose my whole access to tardigrade account. But, in my opinion, we should be able to retrieve the data by creating a new API key (on tardigrade console).
At this moment, if I create a new API key, I won’t be able to list buckets created with another APi key.

What do you think about this evolution?

You can’t retrieve your data if you lose the encryption key, that’s the point of encryption

1 Like

If it was possible, then others (Storj themselves for example) could also get your data.


Login to the satelliteUI and create a new API Key. You would still be able to download all files.

Without the encryption key you can still download and delete old files but you will not be able to decrypt it. Better don’t lose the encrpytion key. Good old paper backup will help.

As long as you still have access to your email account you can reset the login password.


Thanks all for your reply.

Regarding the secret passphrase, indeed my question was stupid…

Regarding the API key itself, if I well understand what you are saying, it should be possible to retrieve data with a different API key (on the same server or on another).
But I tried to list my buckets on another server (i.e. another Uplink CLI setup on another server) with a different API key and I can’t see them… I am sure there are still there since I tried with the previous API key and then I was able to see them.

Is that a normal behaviour or a bug?
Or is it because I used a passphrase on the first one (and didn’t specify it on the second Uplink setup)?

Thanks for your help.

That is a user error. I am playing that game once per week because I am too lazy to write down the API key. Every time I reset my VM I start over with a new setup.

Ok ^^
I will try it again.

I tried it but it doesn’t work. I must do something something wrong.

Here is what I did with the uplink client on debian:

  1. Setup a new uplink: API_key_1 and passphrase_1
  2. Created a new bucket bucket_1
  3. Created a new ojbject in that bucket: object_1
  4. Setup the uplink again with: API_key_2 and passphrase_1 (same passphrase as before)
  5. Tried to list the buckets: OK
  6. Tried to list the content of the bucket_1 => error
    Error: uplink: kvmetainfo: encryption error: decryption failed, check encryption key: cipher: message authentication failed
  7. Tried to delete the backup_1 => error since the bucket is not empty (but I can’t empty it!)
    Error: bucket not empty: nextcloud

Do you have any idea on what I’m doing wrong to fix/avoid those 2 errors?

Ok, I found it.
When you setup a new access for the uplink, it doesn’t erase the previous one. You have to select it in each uplink command with the flag --access <access_name>. I didn’t know that.
Otherwise, you can change the default access in the config.yaml file.
=> By the way, is there any way to change it with the uplink command? It seems more user-friendly to me.

After all those tests, I have created a bucket with 1 file in it but I forgot the encryption passphrase.
How can I delete the bucket without knowing it? @littleskunk you said it was possible



uplink import <name> long-access-string

if the <name> is omitted, it will import to the default.
In case of existing access in your config you can use the --overwrite flag.

Thank you.
What should be the long-access-string?

I would like to specify the access name in order to set it up as default access.

I tried this but it doesn’t work:
uplink import <my_access_name> --overwrite

One of them you can see if you run

uplink share

It will print out the long string which is called “access”. You need exactly such string :slight_smile:

1 Like

Thanks @Alexey

Do you know how I can delete a bucket if I don’t remember the passphrase?

I tried with uplink and with s3 but same error: the bucket is not empty and can’t be deleted. But since I can’t list files in the bucket, I can’t delete files in it…
Any advice?

./uplink ls sj://test1
Error: uplink: kvmetainfo: encryption error: decryption failed, check encryption key: cipher: message authentication failed

./uplink ls sj://test1/ --encrypted
OBJ 2020-03-30 22:12:52            0 AvDOgu-A43h-0l7RT5ALuLLZR6DPIH7HUwwlV3nOj-qpZeAlzVp51fGnqw==

./uplink rm sj://test1/AvDOgu-A43h-0l7RT5ALuLLZR6DPIH7HUwwlV3nOj-qpZeAlzVp51fGnqw== --encrypted
Deleted sj://test1/AvDOgu-A43h-0l7RT5ALuLLZR6DPIH7HUwwlV3nOj-qpZeAlzVp51fGnqw==