I'm new here, so I'm sorry if this is the wrong forum for my question because it's not about a specific problem but instead concerns how rclone encryption works since I'm trying to understand it:
My intention is to have a setup with an encrypted "local remote" (weird but correct term?) which I then backup to my google drive. That is, I want to store the data encrypted (and backed up) but since it is decrypted when I access it locally, I would like to know how it is treated when mounted? Can decrypted data remain in my swap partition or elsewhere afterward?
If swap is used and it's an SSD drive a complete wipe is of course even more demanding. Obviously any application I use to open files might put the data unencrypted in swap (or application-specific temp files for that matter) but what does rclone do?
I might be wrong but if I've understood it correctly, e.g. Whonix works in such a way that once the VM is shut off, any temporarily decrypted data cannot be retrieved by forensic tools either but in order to make encrypted data available to Whonix, the encrypted rclone remote has to be mounted. If it's on the host, what happens? Could I safely mount an encrypted remote, access it through Whonix and after shutting off the VM be reasonably sure that nothing sensitive that was decrypted can be recovered afterward?
Or if I instead of mounting, copy the data and then delete the unencrypted data later, I presume that it's a "regular" how to wipe data issue which Whonix deals with when shutting off the VM. Mounting is of course more convenient, though.