Skip to content

crypt: password2 (salt) not written obfuscated to rclone.conf? #90

@Tentos

Description

@Tentos

Is there an existing issue for this?

  • I have searched the existing issues and did not find anything similar.

Bug Description

I created a crypt remote, where RClone Manager (Flatpak version) has loaded rclone.conf from ~/.config/rclone. I set a password and additionally a salt.
I then tried to list the decrypted files on my smartphone where a rclone client is installed. I expected to see the files, but (according to the logs) the file names could not be decrypted.

The error reason: RClone Manager seems to write password2 (the salt value) deobfuscated to rclone.conf, while rclone expects it to be obfuscated. Hence, rclone "deobfuscates" the password2 clear text string and uses it as salt for encryption.

Operating System

Linux

OS Version

Fedora 43

App Version Type

Desktop (GUI application with window)

App Version Number

0.1.9

RClone Version

1.72.1

Steps to Reproduce

  1. Install rclone on Fedora with sudo dnf install rclone (version installed: rclone-1.72.1-1.fc43.x86_64)
  2. Open RClone Manager (Flatpak version from Flathub.org).
  3. Configure RClone Manager to load ~/.config/rclone/rclone.conf.
  4. Add a remote where the encrypted files should be stored, a WebDAV remote.
  5. Create a crypt remote for this WebDAV remote. Just set set the remote to type decrypt/encrypt, password and password2. (The password2 is a long passphrase.) It is not necessary to configure mount options etc.
  6. Check rclone.conf. The password2 field is saved as deobfuscated string.
  7. Create the same crypt remote (with another name) directly with rclone on the command line. Set password and password2.
  8. Check rclone.conf. The password2 field of the remote directly created with rclone is obfuscated.

Expected Behavior

The password2 field in the crypt remote created by RClone Manager should also be obfuscated, as expected by rclone.

Relevant Logs

Example (with dummy values) created by rclone:

[crypt-endpoint-created-by-rclone]
name = crypt-on-webdav
type = crypt
remote = webdav-in-rclone:
password = qgN5FC0IjxEp8pFdRJBl56N6ArfQB2KJ6Ah_8YkBPaKSx4I
password2 = i7qODRy6vcboK6ZMloXOOaurGCaPggdqELyb4rkJZ8v0mLoLBs0UAMF98FhUZhcSe9Gi9iUyBbRDciWZB9v_IDkqYDpFCD-QsRBKfLWIMX3kTGOqoCTu0Q5qUP0r4S3jq4MYdb3h3Cqnfh0

Example created by RClone Manager:

[crypt-endpoint-created-by-rclone-manager]
name = crypt-on-webdav
type = crypt
remote = webdav-in-rclone:
password = qgN5FC0IjxEp8pFdRJBl56N6ArfQB2KJ6Ah_8YkBPaKSx4I
password2 = reminder-duller-imitation-carefully-wish-panorama-swindle-spookily-colonize-tissue-outbound

Screenshots/Recordings

No response

Additional Context

Apart from the password and salt, I have used default values.

Thank you for the nice GUI that helps to use rclone! 👍

Metadata

Metadata

Assignees

Labels

bugSomething isn't workinghelp wantedExtra attention is needed

Type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions