Local backup of a crypt remote

What is the problem you are having with rclone?

I have a website with a hosting provider that provides an FTP connection, and I used the FTP connection with rclone to first create a remote FTP type to which I connected a second remote CRYPT type to which I uploaded encrypted files and folders with rclone.

Now, I'm changing the hosting provider and for this I'm performing a local backup of all the data on the hosting server, but I wonder, regarding the folder encrypted with rclone, can I download it as such (encrypted) locally and decrypt it locally, or do I necessarily have to mount it locally and then transfer the decrypted content to the local backup device?

Run the command 'rclone version' and share the full output of the command.

$ rclone --version

rclone v1.68.2
- os/version: fedora 40 (64 bit)
- os/kernel: 6.11.11-200.fc40.x86_64 (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.23.3
- go/linking: static
- go/tags: none

Which cloud storage system are you using? (eg Google Drive)

FTP

The command you were trying to run (eg rclone copy /tmp remote:tmp)

[none, I'm just asking]

Please run 'rclone config redacted' and share the full output. If you get command not found, please make sure to update rclone.

[ftprovider]
type = ftp
host = XXX
user = XXX
port = 990
pass = XXX
tls = true
no_check_certificate = true
force_list_hidden = true
idle_timeout = 0s
close_timeout = 10m0s
tls_cache_size = 1024
shut_timeout = 10m0s
ask_password = true
encoding = Slash,LtGt,DoubleQuote,BackQuote,Dollar,Colon,Question,Asterisk,Pipe,Hash,Percent,BackSlash,CrLf,Del,Ctl,LeftSpace,LeftTilde,LeftCrLfHtVt,RightSpace,RightCrLfHtVt,InvalidUtf8,SquareBracket,Semicolon
description = FTProvider

[crypt_ftprovider]
type = crypt
remote = ftprovider:www.mydomain.com/path/crypt/remote
password = XXX
password2 = XXX
server_side_across_configs = true
description = CryptFTProvider

A log from the command that you were trying to run with the -vv flag

[none, I'm just asking]

welcome to the forum,

yes, that is the preferred way, https://rclone.org/crypt/#backing-up-an-encrypted-remote
and would look something like
rclone sync ftprovider:www.mydomain.com/path/crypt/remote ~/backup

and then create a new remote for loca crypt, would look something like

[crypt_local]
type = crypt
remote = /home/username/backup
password = XXX
password2 = XXX
description = CryptLocal

and to test
rclone ls crypt_local:

and to mount, would look something like
rclone mount crypt_local: ~/mount

@asdffdsa, thank you so much for this quick and detailed answer. I will try to follow all the instructions provided, thank you!

One question: since I have LUKS-encrypted the local backup disk, I can avoid making a local rclone-encrypted copy of the currently encrypted data on the FTP provider.

Could I then create a backup folder on the local LUKS-encrypted disk (mounted in /mnt/luks_disk/backup) and run the command rclone sync ftprovider:www.mydomain.com/path/crypt/remote /mnt/luks_disk/backup to have them locally decrypted on the LUKS-encrypted disk?

then you would want rclone to decrypt the files during download, correct?

in the case, run something like
rclone sync crypt_ftprovider: /mnt/luks_disk/backup

Yes, I would like a copy of the files in unencrypted form on the local backup disk encrypted with LUKS

I will try in this way, thank you!

welcome,

due to quirks with crypt remotes and hashes, rclone cannot verify file downloads using hash.
tho, rclone does use https, which provides a good level of file transfer verification.

so, after downloading all the files, i suggest running a check, something like
rclone cryptcheck /mnt/luks_disk/backup crypt_ftprovider: -v --combined=~/combined.txt

Thanks for the note. I'll try to proceed and update if I encounter any problems. Thanks for all the support

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.