Mounting crypt remotes with VFS cache

If you mount a crypt remote and you enable VFS cache (e.g. --vfs-cache-mode is minimal, writes, or full), it seems the cached files are not encrypted. Is it possible to enable encrypted caches for crypt remotes?

you might want to chage the topic category from Help and Support to Feature

It depends on what order you nest the crypt. Instead of deleting the template... If you had posted the information as to your config, version, etc it would have helped answer your question. In the template it even says "STOP and READ YOUR POST WILL BE REMOVED IF IT IS LOW QUALITY:
Please show the effort you've put in to solving the problem and please be specific -- people are volunteering their time to help you! Low effort posts are not likely to get good answers! "


AFAIK this only applies to a cache remote (Cache) whereas I'm talking about the VFS cache feature.

Also given the question I didn't think posting my rclone.conf was really needed, but to give you more detail:

rclone version: 1.55.1

command: rclone mount crypt: /path/to/mount --allow-other --vfs-cache-mode=minimal

When copying files to this (mounted) remote, the cache location is /home/user/.cache/rclone and I can see that the cache fills up with unencrypted files. So when the transfers are complete, the files will be encrypted at rest on whatever service the crypt remote resides on, but the rclone cache might retain unencrypted copies.

I'm wondering whether there's a way to ensure the cache itself is also encrypted when using the VFS cache with crypt remotes in this way.

The cache backend code is working but it currently doesn't have a maintainer so there are bugs which aren't getting fixed.

The cache backend is due to be phased out in favour of the VFS caching layer eventually which is more tightly integrated into rclone.

Until this happens we recommend only using the cache backend if you find you can't live work without it.

Bottomline: Cache is buggy, deprecated, unmaintained, won't be fixed.

Do you plan to change the help page title from Cache (BETA) to more realistic Cache (DEPRECATED)?

It's a shame we can't use the <marquee> or <blink> html tags these days :slight_smile:

1 Like

Thanks - this is one of the reasons why I'm using the VFS cache.

That is correct they aren't encrypted. I'd suggest use of an encrypted file system for the cache if you are concerned.

There isn't a feature to do this at the moment and the way the VFS cache works it would be quite hard :frowning:

Good idea!

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.