Problems with crypt and jottacloud (cant browse files)

TheAllfather · February 28, 2021, 9:55pm

quick question (and this might be a stupid one) but:

after i updated rclone i had to create a new config. jottacloud works fine, but when I add crypt, i can't browse my files. if i do "rclone lsd secure:", it shows nothing. shouldn't it at least show something if i have the wrong password for crypt? like with fish on mirc, it just shows something else with the wrong key is used, or is this what happens when i've entered the wrong encryption password?

i stored password and salt in bitwarden, so it should be correct, but i cant figure out why it doesn't work. maybe i messed up when i stored the pass to bitwarden :S

asdffdsa · February 28, 2021, 10:07pm

there seems to be something wrong with the new config file or the rclone command.

when you posted, there was a template of questions asking for that and more....

TheAllfather · February 28, 2021, 10:31pm

Sorry... thought maybe it wasn't needed for that question, but here are the answers to the questionnaire

What is the problem you are having with rclone?

cant browse files on jottacloud with crypt

What is your rclone version (output from `rclone version`)

rclone v1.54.0
os/arch: linux/amd64
go version: go1.15.7

Which OS you are using and how many bits (eg Windows 7, 64 bit)

Ubuntu 20.04 LTS

Which cloud storage system are you using? (eg Google Drive)

Jottacloud

The command you were trying to run (eg `rclone copy /tmp remote:tmp`)

rclone lsd securebackup:

The rclone config contents with secrets removed.

[jotta]
type = jottacloud
client_id = jottacli
client_secret = 
tokenURL = https://id.jottacloud.com/auth/realms/jottacloud/protocol/openid-connect/token
token = {"access_token":"REDACTED","token_type":"bearer","refresh_token":"REDACTED","expiry":"2021-03-01T00:18:29.009444626+01:00"}
configVersion = 1

[jottabackup]
type = jottacloud
client_id = jottacli
client_secret = 
tokenURL = https://id.jottacloud.com/auth/realms/jottacloud/protocol/openid-connect/token
token = {"access_token":"REDACTED","token_type":"bearer","refresh_token":"REDACTED","expiry":"2021-03-01T00:18:38.94737729+01:00"}
configVersion = 1

[secure]
type = crypt
remote = jotta:arkiv
filename_encryption = standard
directory_name_encryption = true
password = REDACTED
password2 = REDACTED

[securebackup]
type = crypt
remote = jottabackup:arkiv
filename_encryption = standard
directory_name_encryption = true
password = REDACTED
password2 = REDACTED

A log from the command with the `-vv` flag

<7>DEBUG : rclone: Version "v1.54.0" starting with parameters ["rclone" "lsd" "securebackup:" "-vv"]
<7>DEBUG : rclone: systemd logging support activated
<7>DEBUG : Using config file from "/home/pi/.config/rclone/rclone.conf"
<7>DEBUG : Creating backend with remote "securebackup:"
<7>DEBUG : Creating backend with remote "jottabackup:arkiv"
<7>DEBUG : 2mrmct23ls54eurqje2hcbr6gs: Skipping undecryptable dir name: Bad PKCS#7 padding - too long
<7>DEBUG : vjilvupfm4b8e26q6tkcj2ndhs: Skipping undecryptable dir name: Bad PKCS#7 padding - too long
<7>DEBUG : 7 go routines active

asdffdsa · February 28, 2021, 10:39pm

you can search the forum for Bad PKCS#7
seems to be an issue with the passwords.

ncw · March 1, 2021, 11:02am

This is a sign that rclone is trying to decrypt unencrypted file names.

Are the unencrypted file names in jotta:arkiv or jottabackup:arkiv?

TheAllfather · March 1, 2021, 11:06pm

the files in both of those are encrypted. i have two jottacloud accounts.
jotta:arkiv works with secure
securebackup does not work with jottabackup

ncw · March 2, 2021, 3:41pm

TheAllfather:

<7>DEBUG : 2mrmct23ls54eurqje2hcbr6gs: Skipping undecryptable dir name: Bad PKCS#7 padding - too long
<7>DEBUG : vjilvupfm4b8e26q6tkcj2ndhs: Skipping undecryptable dir name: Bad PKCS#7 padding - too long

Did you have a different crypt password at some point and these are left over files from then? Or maybe get your remotes mixed up?

TheAllfather · March 2, 2021, 11:17pm

no, those two folder contain all my backups. i used a different password than for the other jotta account. at least i made another entry in my password manager. i forget. i feel like i've tried all the combinations from the two jotta accounts now, so maybe i just messed up when i added the passwords for encryption :\ i feel like thats weird too though, since it's just copy/paste...

EDIT: i noticed password2 is one character shorter (generated in rclone) than for the other account. should they be the same length? could i have accidentally deleted one?

ncw · March 5, 2021, 11:21am

If you obscure a password more than once then the result can be differnt, eg try running rclone obscure mypassword a few times

However are the passwords actually different? If they are then this might explain your propblems.

TheAllfather · March 17, 2021, 5:38pm

Hi again. Sorry for the late reply!
I (almost) gave up on this...

I have not used that obscure command, but yes, the passwords are different. the first password is the same length for both, but the second one (salt) has one less character for the one I'm struggling with.

Do you know if there is a tool to brute force the second password? (If I'm using that term correctly). I have the encrypted folder names and I know what the unencrypted folder name is, so if there was a tool to run through the salt password until its correct. So much hassle to edit the config all the time :S

system · May 17, 2021, 1:39pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.