Difficult security question. Rclone and encryption


#1

I would like to ask if my thinking is correct:

  1. rclone, config file is encrypted, gdrive is crypt

on VPS server like scaleway or online.net or vultr in Ubuntu 16 x64:

rclone --config=encrypted.conf --htpasswd bcrypt_file serve http --addr my.host.com:55643 --cert /etc/letsencrypt/live/my.host.com/cert.pem --key /etc/letsencrypt/live/my.host.com/privkey.pem gdrive:

  2. entered password.

Question:
since rclone does not save encrypted.conf ig password
and is using NaCl - very secure method with one time nonce
and access is protected with htpasswd file with BCRYPT hashes
and gdrive: is crypt share
and transfer to client is over ssl

is it possible that VPS owner will see my files?

Even if he will do memory dump - NaCl is very secure encryption method, and rclone does not save password in memory, it would be not usable since nonce is only one time in this secretbox.
Also Bcrypt with strong password htpasswd is very secure.

What vps owner would have to do to crack into my files?

(let's skip possibility where vps owner recompiles rclone and kills mine replacing with his doctored version)


#2

If the VPS owner could use a memory dump then they could probably recover some unencrypted data (which will be in the memory transiently). rclone will store the key to the crypt in memory too (it needs to, to decrypt stuff) so they could potentially find that. rclone will also have the decrypted config file in memory (or at least the tokens).

So I think if the VPS provider can dump the memory of rclone they will be able to see your files. That wouldn’t be particularly easy, but it would be possible.
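
Added example, not part of the original posts and not rclone code: a small secretbox-style construction showing what the one-time nonce does and does not protect. It assumes a standard-library stand-in (HMAC-SHA256 keystream and tag in place of NaCl's XSalsa20-Poly1305) and constructed sample data; all function names are hypothetical.

```python
import hashlib
import hmac
import os

# Stand-in for NaCl secretbox, for illustration only (assumption: HMAC-SHA256
# replaces XSalsa20-Poly1305 so the example runs with the standard library).
NONCE_LEN, TAG_LEN = 24, 32

def _keystream(key, nonce, n):
    """Derive n keystream bytes from (key, nonce) with a block counter."""
    out, counter = b"", 0
    while len(out) < n:
        block = b"stream" + nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]

def seal(key, plaintext):
    """Encrypt with a fresh random nonce; the nonce is stored in the clear."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(key, nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + tag + body

def open_box(key, blob):
    """Decrypt; needs only the key, because the nonce travels with the blob."""
    nonce = blob[:NONCE_LEN]
    tag = blob[NONCE_LEN:NONCE_LEN + TAG_LEN]
    body = blob[NONCE_LEN + TAG_LEN:]
    expected = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

def demo():
    # Constructed passphrase and file contents; the derived key is what the
    # serving process must keep in memory for as long as it decrypts files.
    key = hashlib.sha256(b"constructed-passphrase").digest()
    data = b"constructed file contents"
    blob1, blob2 = seal(key, data), seal(key, data)
    try:
        open_box(os.urandom(32), blob1)
        wrong_key_rejected = False
    except ValueError:
        wrong_key_rejected = True
    return {
        "ciphertexts_differ": blob1 != blob2,             # effect of the nonce
        "key_copy_decrypts": open_box(bytes(key), blob1),  # key alone suffices
        "wrong_key_rejected": wrong_key_rejected,
    }
```

The nonce keeps two encryptions of the same data from looking alike, but it is not a secret: any copy of the key opens every blob, which is why the key held in the server's memory is the thing to reason about.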


#3

I’m pretty sure there are plenty of ways for an attacking VPS owner to snoop on your tty (or whatever is used to enter the password). I remember even back in the 90s there were tools you could run on your server (albeit on the same non-virtualized os) that would keylog the people logged in remotely.


#4

so there is no way…physically controlled machine owner can do anything…


#5

Yes… You can make life arbitrarily hard for them, but you’ll have to trust the provider at some level.