What is the problem you are having with rclone?
when doing config of a seafile remote with 2FA, the token is always the same one.
i don't blame rclone because according to the seafile official API docs, i get the exactly same token with a POST to the /api2/auth-token.
so rclone is doing the "right" thing according to the doc, but still, something is wrong.
what rclone does (also the same with a POST request according to seafile API docs):
- get a unique token, same one everytime (2FA enabled).
- can always access with this token.
- this token doesn't show up on the seafile web page (/linked-devices/), which is reasonable, since a special unique never-changed token is not possible to represent a specific device.
while the official clients, both "seafile client" and "seadrive", they behave differently:
- everytime re-login, the token is different (same user, same password).
- this token is on the list of
/linked-devices/
, representing the device that has gotten this token. - if user manually delete / disconnect this device / token, then this token is expired.
- (these two client apps store auth tokens into a sqlite3 db file in plaintext after user logi)
a unique, always same, never expired auth token is a critical security hole. users even cannot delete it manually. although seafile has done this and documented it officially, we should not use it.
What is your rclone version (output from rclone version
)
rclone v1.56.0
- os/version: ubuntu 18.04 (64 bit)
- os/kernel: 5.4.0-42-generic (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.16.5
- go/linking: static
- go/tags: none
Which cloud storage system are you using? (eg Google Drive)
Seafile CE v8.0.7
The command you were trying to run (eg rclone copy /tmp remote:tmp
)
Paste command here
The rclone config contents with secrets removed.
Paste config here
A log from the command with the -vv
flag
Paste log here