documentation: add cheatsheet for configuration encryption
This commit is contained in:
parent
b49927fbd0
commit
91b11f9eac
1 changed files with 51 additions and 0 deletions
|
@ -2620,6 +2620,57 @@ general, but are used without referencing a stored remote, e.g.
|
||||||
listing local filesystem paths, or
|
listing local filesystem paths, or
|
||||||
[connection strings](#connection-strings): `rclone --config="" ls .`
|
[connection strings](#connection-strings): `rclone --config="" ls .`
|
||||||
|
|
||||||
|
Configuration Encryption Cheatsheet
|
||||||
|
-----------------------------------
|
||||||
|
You can quickly apply a configuration encryption without plain-text
|
||||||
|
at rest or transfer. Detailed instructions for popular OSes:
|
||||||
|
|
||||||
|
### Mac ###
|
||||||
|
|
||||||
|
* Generate and store a password
|
||||||
|
|
||||||
|
`security add-generic-password -a rclone -s config -w $(openssl rand -base64 40)`
|
||||||
|
|
||||||
|
* Add the retrieval instruction to your .zprofile / .profile
|
||||||
|
|
||||||
|
`export RCLONE_PASSWORD_COMMAND="/usr/bin/security find-generic-password -a rclone -s config -w"`
|
||||||
|
|
||||||
|
### Linux ###
|
||||||
|
|
||||||
|
* Prerequisite
|
||||||
|
|
||||||
|
Linux doesn't come with a default password manager. Let's install
|
||||||
|
the "pass" utility using a package manager, e.g. `apt install pass`,
|
||||||
|
`yum install pass`,
|
||||||
|
[etc.](https://www.passwordstore.org/#download); then initialize a
|
||||||
|
password store:
|
||||||
|
|
||||||
|
`pass init rclone`
|
||||||
|
|
||||||
|
* Generate and store a password
|
||||||
|
|
||||||
|
`echo $(openssl rand -base64 40) | pass insert -m rclone/config`
|
||||||
|
|
||||||
|
* Add the retrieval instruction
|
||||||
|
|
||||||
|
`export RCLONE_PASSWORD_COMMAND="/usr/bin/pass rclone/config"`
|
||||||
|
|
||||||
|
### Windows ###
|
||||||
|
|
||||||
|
* Generate and store a password
|
||||||
|
|
||||||
|
`New-Object -TypeName PSCredential -ArgumentList "rclone", (ConvertTo-SecureString -String ([System.Web.Security.Membership]::GeneratePassword(40, 10)) -AsPlainText -Force) | Export-Clixml -Path "rclone-credential.xml"`
|
||||||
|
|
||||||
|
* Add the password retrieval instruction
|
||||||
|
|
||||||
|
`[Environment]::SetEnvironmentVariable("RCLONE_PASSWORD_COMMAND", "[System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR((Import-Clixml -Path "rclone-credential.xml").Password))")`
|
||||||
|
|
||||||
|
### Encrypt the config file (all systems) ###
|
||||||
|
|
||||||
|
* Execute `rclone config` -> `s`
|
||||||
|
|
||||||
|
* Add/update the password from previous steps
|
||||||
|
|
||||||
Developer options
|
Developer options
|
||||||
-----------------
|
-----------------
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue