After setting up an encrypted remote, I expected rclone to prompt me for the password when decrypting. However, files are decrypted to my local folder with no password prompt at all. That means that any tech-savvy person who got hold of my computer would be able to access my encrypted files. I'm wondering where the security is here.
I tried encrypting my config file but that throws up password prompts for every operation, which is unusable for me.
I must be missing something. Is it not possible to make rclone prompt for a password ONLY when decrypting?
What is your rclone version (output from rclone version)
1.56.2
Which cloud storage system are you using? (eg Google Drive)
Koofr
The command you were trying to run (eg rclone copy /tmp remote:tmp)
I don't get a clear picture of your exact case: Don't know where your remote is pointing to (local folder? cloud provider?), also not what OS you are on etc.
The most basic use-case for crypt backend is:
You have your original, unencrypted, files in a directory on local computer.
You want to copy/sync the local directory to some cloud provider.
You want to protect your files in cloud by storing them in encrypted form.
Then you could create a crypt remote, wrapping the remote accessing your cloud provider. Running rclone copy/sync to the crypt remote performs client-side encrypting before/during transfer. Everything in cloud is safely encrypted. Everything on local computer is unencrypted (although you may have your disk encrypted, e.g. by your operating system).
Now if someone breaks into your cloud account they will only see your encrypted files. But if someone breaks into your computer they will get access to the original, unencrypted files.
If your use case is different, you need to give some more details..
There are ways around this: Documented here, and also in the wiki.
Thanks for the run-through. I think I am top of all that though. I'm having no problem copying/syncing files at all - except for the password issue. It's not really a question about a particular operation but about the general functionality of rclone.
Just to be clear, the config and my files are on my Windows laptop. I am backing them up to Koofr using rclone. For some files I am just doing a straightforward copy or sync - no problems there. For others, I want them to be encrypted on Koofr so I am using a crypt remote. No problems sending them to a Koofr encrypted folder.
Naturally though, I don't want those encrypted files on Koofr to be accessible to anyone who gets hold of my laptop (eg. my tech-savvy nephew after I am dead). By the way, if someone does get into my laptop they won't get access to my original files because they are in a heavily-passworded Veracrypt vault on an invisible drive). Naturally I want the encrypted files on Koofr to be equally inaccessible. I can't understand why they can be decrypted back to a local folder without any kind of password prompt.
I did read that wiki, but didn't spot an easy answer to what seems to me a quite simple question.
Is it possible to have separate config files on my laptop - one for unencrypted and one for encrypted transfers? That would be a workaround.
If you copy back on the same computer, you will have the encryption password stored in the config file. Configuration encryption, as you mentioned, will add a password protection on this.
Yes, using the --config option. It can point to a specific config file to use. Set it as command-line argument, or as environment variable (RCLONE_CONFIG). You could e.g. create one launcher skript rclone_plain.cmd and another rclone_encrypted.cmd which sets RCLONE_CONFIG to different values. Rclone.exe will prefer an existing rclone.conf file from same folder, so another option is to set up two separate rclone "installs" with their own local configuration file. Several possibilities here to play with...
Ok, I've got it working with two config files. I couldn't figure out how to get separate installations (two exes) to point to separate config files but found I didn't need to - I could just add a second config file (called rclonedecrypt.conf) in the same folder as rclone.conf and encrypted it using rclone config --config="[config file path]".
Now I can do normal transfers and encryptions using the original (unencrypted) config file which doesn't require a password, and do decryptions using the new (encrypted) config file which prompts for a password, just as I required.
It means that the --config argument must be added to every command to point to the relevant config file but that's just a one-time task for me as I run all my rclone operations from Syncback Pro (dummy profiles with the command line in the 'Run Program Before' setting) in order to schedule some of backups 'on file change'. It's working well.
Thing is, in the event of my untimely demise, I really would want my family to be able to access most of my files (I have already organised everything to be easily found) so I don't even want a Windows logon. The challenge is to have some files absolutely accessible and some absolutely not. I think I've now cracked it.
