Mounting crypt remotes with VFS cache

mstgrv · May 24, 2021, 10:40pm

If you mount a crypt remote and you enable VFS cache (e.g. --vfs-cache-mode is minimal, writes, or full), it seems the cached files are not encrypted. Is it possible to enable encrypted caches for crypt remotes?

asdffdsa · May 24, 2021, 11:06pm

hi,
you might want to chage the topic category from Help and Support to Feature

calisro · May 24, 2021, 11:32pm

It depends on what order you nest the crypt. Instead of deleting the template... If you had posted the information as to your config, version, etc it would have helped answer your question. In the template it even says "STOP and READ YOUR POST WILL BE REMOVED IF IT IS LOW QUALITY:
Please show the effort you've put in to solving the problem and please be specific -- people are volunteering their time to help you! Low effort posts are not likely to get good answers! "

mstgrv · May 25, 2021, 12:17am

AFAIK this only applies to a cache remote (Cache) whereas I'm talking about the VFS cache feature.

Also given the question I didn't think posting my rclone.conf was really needed, but to give you more detail:

rclone version: 1.55.1

command: rclone mount crypt: /path/to/mount --allow-other --vfs-cache-mode=minimal

When copying files to this (mounted) remote, the cache location is /home/user/.cache/rclone and I can see that the cache fills up with unencrypted files. So when the transfers are complete, the files will be encrypted at rest on whatever service the crypt remote resides on, but the rclone cache might retain unencrypted copies.

I'm wondering whether there's a way to ensure the cache itself is also encrypted when using the VFS cache with crypt remotes in this way.

ivandeex · May 25, 2021, 12:51am

The cache backend code is working but it currently doesn't have a maintainer so there are bugs which aren't getting fixed.

The cache backend is due to be phased out in favour of the VFS caching layer eventually which is more tightly integrated into rclone.

Until this happens we recommend only using the cache backend if you find you can't ~~live~~ work without it.

Bottomline: Cache is buggy, deprecated, unmaintained, won't be fixed.

@ncw
Do you plan to change the help page title from Cache (BETA) to more realistic Cache (DEPRECATED)?

It's a shame we can't use the <marquee> or <blink> html tags these days

mstgrv · May 25, 2021, 12:56am

Thanks - this is one of the reasons why I'm using the VFS cache.

ncw · May 25, 2021, 11:00am

That is correct they aren't encrypted. I'd suggest use of an encrypted file system for the cache if you are concerned.

There isn't a feature to do this at the moment and the way the VFS cache works it would be quite hard

Good idea!

system · July 25, 2021, 7:00am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.