If I shared my Rclone config with someone does that mean they have access to my gdrive crypt? Because inside the config file I do see password and password 2.
type = crypt
remote = gdrive:/Private
filename_encryption = standard
directory_name_encryption = true
password =
password2 =
Does this mean that someone can access my gdrive crypt folder and take over? If so, should I change it immediately?
Thanks for the help in advance.
What is your rclone version (output from rclone version) V.1.51.0
Which OS you are using and how many bits (eg Windows 7, 64 bit)
Windoes server 2008 64-bit
Which cloud storage system are you using? (eg Google Drive)
Yes if you shared it they can access it and decrypt your contents. You can't "change" the decryption keys without re-encrypting (download, crypt, reupload). You can remove the Google drive authorization though and create a new credential. Then they can't access your Google drive but if they could, they can still decrypt your data.
In terms of option you shared, I can't change the decryption keys without downloading contents, crypt and re-upload but can you or anyone provide advice as to what should one do in this situation?
If I go the 2nd route to remove Google drive authorization and create new credential. How would be executed? I'm searching online and there many treads which is causing my confusion.
I also had a follow up question as to would I be able to identify if they did access my content? Or have I lost the ability to address it. I mean how does one hide the config file or add some type of harness against this? I assume this has been discussed but why can't we change the password when going through rclone config command?
As far as changing the keys, the encryption is made with those keys and that's why you can't just "change them" without re-encrypting.
There isn't really a way to know if they've accessed your data. You may be able to get info somewhere in your Google security to see who logged in from where but I don't believe you'll know much more that that.
Thanks @calisro. If I revoke/change the credentials does that mean loss of all data that is uploaded and any additional steps need to be taken after I execute this?
I have Rclone browser and mount setup as well. Would I have to change anything or is it simple in terms to go to this route?
You'll lose access via anything using those credentials but you can just create a new credential and connect again. You're not deleting your data or anything. You're just changing the credential. Don't lose your encryption keys though in the .rclone.conf. once you generate a new credential your can use rclone config to reauthorize it.
Here is how to create your own Google Drive client ID for rclone:
Log into the Google API Console with your Google account. It doesn’t matter what Google account you use. (It need not be the same account as the Google Drive you want to access)
Select a project or create a new project.
Under “ENABLE APIS AND SERVICES” search for “Drive”, and enable the “Google Drive API”.
Click “Credentials” in the left-side panel (not “Create credentials”, which opens the wizard), then “Create credentials”, then “OAuth client ID”. It will prompt you to set the OAuth consent screen product name, if you haven’t set one already.
Choose an application type of “other”, and click “Create”. (the default name is fine)
It will show you a client ID and client secret. Use these values in rclone config to add a new remote or edit an existing remote.
Yes. That's it. If you didn't create your own client id to begin with then you don't need to now but you really should be using your own for performance reasons as well.
Well do you advise I setup my own client ID? Might as well correct the previous action. I want to say that I did setup my own client ID however I cannot confirm. If I wanted to make sure would it show up under Google API Console?
For step 4: Click “Credentials” in the left-side panel (not “Create credentials”, which opens the wizard), then “Create credentials”, then “OAuth client ID”. It will prompt you to set the OAuth consent screen product name, if you haven’t set one already.
I don't see the OAuth client ID. I see 2 options to choose as inficated from the screenshot below.
Can you please share the link (guide) to run the rclone config resetup? Apologies in the advanced.. It's just I haven't done this in 2+ years so need a refresh.