Integrity of rclone ENCRYPT

When using a encrypted remote, specifically one that is mounted, what type of file integrity is there to ensure the file was written correctly to the remote drive?

I've read and saw the encrypt can only check files via their modification time and file size once uploaded, but does it check its hash during the initial upload? If one bit got corrupt during the upload, would it be noticed?

Would it be safe to upload TB's of data to a encrypted remote and expect 100% integrity?

There is no hash to check as it's encrypted on the other side so the hash would not match the original file.

You can use: if you want to be sure it uploaded properly.

I would never bet anything as 100% regardless, but that's me :slight_smile:

If my understanding is correct, then silent data corruption would be possible while uploading using the encrypted driver? This would only be seen if I ran cryptcheck after the upload, otherwise unnoticed if I didnt.

If I want a higher level of integrity, I should not use a encrypted remote, which does indeed checksum to verify. Am I correct?

Looks like may be the flag i was hoping for where the checksum is checked during initial upload. May be avaliable in the future, but really all the flag will do is run cryptcheck automatically I guess.

Not sure if related, but maybe using the chunking feature could help?

No, the crypt backend does a version of rclone cryptcheck while it is uploading files so it should notice corruptions at that point.

This was done as part of

1 Like

So far in my use, I've never had a file issue when rclone says it uploaded to my encrypted remote. I don't check anything afterwards ever as the data to me isn't that important and it's replaceable.

If the data is important, I'd probably upload to 2 different providers and run check/crypthcheck when done as that's as much as I can do to ensure the data is not corrupt.

each day, rclone sync to a crypt remote.
once a week, rclone sync followed by a rclone cryptcheck

never a problem yet

I occasionally see sha1 error reports when sync'ing to an encrypted OneDrive; rclone auto-retries the failed file. The first couple of times I saw this I did a manual verification, but now I just trust rclone to do the right thing.

This is just my experience, but for uploads, especially a lot of them, using the command line directly (sync, copy, copyto, etc) are not ony much more resilient, but also way more informative about what is going on. It's not that mount can't, but especially without caching, it will be less resilient and, as discussed, harder to know there was an issue

Thanks for reminding us this important command. I will run an integrity check on my encrypted data. Glad to hear rclone performs this during upload. I do randomly check files, as a backup is only good if it's able to restore.

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.