The problem is one of “reversability”. Most algorithms that make short names are “one way” (e.g. md5 or sha hashing). You can go from a long name to a short name and be pretty sure (not 100% sure, but pretty sure) that each long name maps to a unique short name.
But how do you go from the short name back to the long name so rclone ls will work? Without some form of database that keeps track of the mappings, it’s really really hard. When you try to add in “least common denominator” you end up with routines closer to base64 or uuencode which make the result larger than when you started, and that’s what happens with the encrypting of filenames. The “obfuscate” option was added to try and minimize the increase (in most cases the result is only a few characters longer).
What about storing the mapping “dictionary” in a normal file on the remote store? Give this file a short (maybe even a hard-coded) filename. The contents would be encrypted. To reduce the probability of data loss (if the dictionary is lost or corrupt) scatter multiple copies of it across the store. Compression software WinRAR has a similar concept. At least, I think it does
There are several tickets about this already… It adds more moving parts to rclone which in turn can make it less reliable. At the moment rclone has everything it needs in a single file - the name and the contents - to do anything else complicates things enormously! However I expect one day we will fix this
Request for clarification/confirmation: the rclone error at issue here arises from a b2 limitation, but a limitation exaccerbated by the way rclone does encryption - yes?
(I have just run into the same problem, using an encrypted b2 remote, on Linux.)
Yes (there is a b2 limit on file names) and yes the standard mode expands file names rather a lot. However there are other name encryption modes (eg obfuscated) which are shorter if less secure.
Thanks, Nick. I would not mind a link to the relevant documentation. I did find this information about 'Configuration Encryption' but it does not seem to impart the needful. Also - a grouse about the often excellent documentation - what does 'configuration encryption' even mean? Does it mean encryption of configuration? Does it mean configuration of encryption?