Is rclone.conf needed to decrypt remotes?

I'm trying to decrypt remotes from a year ago, but they appear empty after putting passwords and location on google drive.

Is there a way to decrypt the files without rclone? Could you please point me to information explaining what method rclone uses it to replicate it?

You need to use the same password and same salt before. If you enter those in your configuration, you can decrypt the files.

if you log into the gdrive website, you do see the files in their crypted state?

There is no easy way to decrypt without rclone and you would need the exact same information to do so (password1 and password2/salt). It is therefore far easiest to use rclone.

You don’t need rclone.conf, but you do need all the information to rebuild the exact same crypt remote, that is something like this:

type = crypt
remote = myRemote:encryptedFolder
password = ObfuscatedPassword1
password2 = ObfuscatedPassword2
filename_encryption = standard
directory_name_encryption = true

You can either enter this directly in the rclone.conf file or you can use rclone config to create the entry (in this case you use your clear text passwords).

yes, they appear encrypted, files, file names and directories. files are there, but decryption still seems not to work

thanks for the reply, still not sure what may be wrong, but will keep trying. Haven't tried putting it directly in the conf file, maybe that will work

thanks for clarifying that, yes, I did that, still not sure why it didn't work here, but if I come up with solution will post it back here

you need to create two remotes, using rclone config
one remote for gdrive, one remote for the crypt.

should look something like

type = drive
client_id = 
client_secret = 
scope = drive
token = 

type = crypt
remote = gdrive-a1b2:crypt
filename_encryption = standard
directory_name_encryption = true
password = 
password2 = 
1 Like

thanks for asking, but yes, did that. gdrive:/file/to/backup/folder in the crypt option. still was empty for all folders

are symbols allowed in passwords ($#^@!) ?

please post the config file, redact id/secret/password/token.

for now, let's not work on the crypt remote until the gdrive remote is working.

create a gdrive remote using rclone config and make sure you can see the cypted files using rclone ls

sure, there is only one remote there (google drive):

type = drive
client_id = <<client-id>>
client_secret = <<client-secret>>
scope = drive
token = {"access_token":"<<access-token>>","token_type":"Bearer","refresh_token":"<<refresh-token>>","expiry":"<<expiry>>"}

I've changed client id from the default rclone to a private one from google since encrypting them if that adds anything to this issue.

It really depends on whether you have saved your passwords in clear text or obfuscated. I am sure @asdffdsa will guide you to the right choice once you get to it.

ok good,

if you run a command such as rclone lsd gdrive: -R
this will list all the folders in the drive, can you find the top level folder containing the crypted folders.
we will need that to setup the crypted remote.

thanks, sure, the top level folder is backups/wsl/node3

-1 2021-02-01 19:42:01 -1 backups/wsl/node3

if you saved the obfuscated password, then you have two options.

  1. you can de-obfuscate the password at

2 .create a remote inside the rclone.conf file itself, without using rclone config

it should look something like this, just paste the obfuscated password as is.
and make sure, the filename and directory settings are the same as before.

type = crypt
remote = gdrive:backups/wsl/node3
filename_encryption = standard
directory_name_encryption = true
password = obfuscated.password.01
password2 = obfuscated.password.02

thanks, but I'm a little confused. Are you mentioning obfuscated passwords, because of the post above (deleted it) or is there no way to regenerate them from the original passwords? It's important, because I don't have the obfuscated passwords, but I hope that they could be generated? or do they change on each run of rclone config?

if you have the original paswords, then use rclone config to create a crypt remote.
when asked for passwords, copy/paste the orignal passwords as is.

sorry, I have only the original passwords

if you have the original paswords, then use rclone config to create a crypt remote.
when asked for passwords, copy/paste the orignal passwords as is.

1 Like