Question regarding access to mounted drives

Hello guys,

I am not sure if this was asked already but I do have a question.

Right now I have my server configured to automatically mount Google Drive on startup.

What happens in the case someone stole my server?
How can I prevent them to get access to the Google Drive since it is automounting on start up?

Do I need to revoke/delete the generated API keys that are used for this?
If yes how do I get access to my Google Drive again ? (everything on it is encrypted)


What you would do is go to the connected apps page on drive and disconnect rclone from your drive

You would then use the saved config file from your backup and run rclone config reconnect remote: to reconnect it on your new computer, or you could just run through rclone config again. Provided you have the passwords you used the first time then the crypt will just work.

1 Like

Thank you for the quick answer.

Is it also possible to change the password somehow?

You can change the password of the google drive the normal way. It isn't possible to change the password of the crypt without re-encrypting it.

This is perhaps a weakness! It is done like that so rclone doesn't have to fetch the master key and decrypt it with a user password.

Changing the password would be quite convenient but if that is not possible right now can I somehow do a only sever side copy to another Google Drive ?

So I do not have to upload everything again to a different Google Drive via my connection.

You can server side copy the files without changing the encryption key, but if you want to change the encryption key then you'd have to download and re-upload. You could do this from a google VM though.

Yea, it can be done via a GCP microinstance, and that will give you up to 40MB/sec under ideal conditions. Traffic within google is free - and if you just make yourself aware of what the free-use limits on GCP are it's not hard to keep the whole operation free. Or otherwise, if you want more muscle - it would still be a pretty trivial cost as it's all based on usage. so-and-so many cents pr 10.000 operations of this and that type ect.

How would the server side copy command need to look like ?

For google drive, activate the feature first by either putting this in your config under the gdrive remote:
server_side_across_configs = true
or putting this in your rclone command:
--drive-server-side-across-configs true
(using both at the same time is redundant / not needed)

Then you can simply use rclone move, copy or sync as normal (ie. no special command), and if the operation is possible to server-side then rclone will do so. If you have verbose mode on then it will tell you (server-side) at the end of the line to indicate this was used for that particular operation.

I think it may be a requirement that the user(s) for the different remotes have access to the other drive. I am not sure if that restriction was later fixed though. Just let us know if you hit any snags and it's usually fixable.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.