Remote encryption confusion


#1

ive done nothing but read guides and tuts for the last few days and im stil confused lol…

I have my gdrive setup unencrypted and i have a remote (gdrive) which connects and mounts fine.
I have decided to encrypt my data and created a remote called (gcrypt) which has taken the data from my gdrive and has encrypted it to a folder called encrypt on gdrive.
I can transfer stuff from gdrive to gdrive:/encrypt this way with no issues.

i wish to mount the gcrypt remote so its accessible locally unencrypted.

From what i have read i need to create a cache to beable to do this , do i cache the gdrive or the gcrypt?

Eventually i want to do away with all the unencrypted files so that my files are all encrypted on google drive but unencrypted mounted locally.

Any help or advice appreciated .


#2

ok so after more reading im lead to believe it should be this way round?

gdrive
gcache (of gdrive)
gcrypt (of cache)
mount the crypted cache

surely this is only encrypting the cache and mounting it locally unencrypted?

my files are still going to be unencrypted on gdrive?


#3

No, you have it backwards as it is written up here:

https://rclone.org/cache/#cache-and-crypt

Here is the text from the page:

There is an issue with wrapping the remotes in this order: cloud remote -> crypt -> cache

During testing, I experienced a lot of bans with the remotes in this order. I suspect it might be related to how crypt opens files on the cloud provider which makes it think we’re downloading the full file instead of small chunks. Organizing the remotes in this order yelds better results: cloud remote -> cache -> crypt

#4

ok, i think im getting somewhere , ive read that what seems like a million times lol

"cache and crypt
One common scenario is to keep your data encrypted in the cloud provider using the crypt remote. crypt uses a similar technique to wrap around an existing remote and handles this translation in a seamless way.

There is an issue with wrapping the remotes in this order: cloud remote -> crypt -> cache

During testing, I experienced a lot of bans with the remotes in this order. I suspect it might be related to how crypt opens files on the cloud provider which makes it think we’re downloading the full file instead of small chunks. Organizing the remotes in this order yelds better results: cloud remote -> cache -> crypt"

so gdrive-cache-crypt ?

since posting originally i have been messing around and i now have

gdrive
gcache (pointed at gdrive:)
gcrypt (pointed at gcache:/encrypt) encrypt is where my encrypted files are

If i open gcache in rclone browser i can see all files but their encrypted.
If i open gcrypt in rclone browser i can see all file in their unencrypted state

So instead of pointing the cache at the gdrive i need to point it at the gcrypt: remote and then mount the cache?


#5

I think you didn’t read my post at all :slight_smile:

You do not want to go GD->Crypt->Cache and mount you the cache if that’s your goal to use the cache backend.

If you click on the link, it shows that and explains that bans will happen if you go the other way.


#6

Thx for your help :slight_smile: … This is my goal!!! :slight_smile:

I now have a cache of my encrypted files , but whenever i try to mount im getting needs maximum of 2 arguments…

i now have
gdrive
gcrypt(pointed at gdrive:/encrypt/)
gcache(pointed at gcrypt)

^^ correct?


#7

Sorry as I fixed my post as I copied the wrong line in from the link and apologize for the confusion:

During testing, I experienced a lot of bans with the remotes in this order. I suspect it might be related to how crypt opens files on the cloud provider which makes it think we’re downloading the full file instead of small chunks. Organizing the remotes in this order yelds better results: cloud remote -> cache -> crypt

Can you share your rclone.conf (without passwords) and what you are mounting? That would help.