Guild icon
S3Drive
Community / support / Sync local folder to remote Storj S3 bucket doesn't wrap E2E despite enabled in account settings
Avatar
DC 7/28/2025 4:50 PM
Currently evaluating this amazing tool, using the free version right now. Does the local-file-to-remote-S3 respect the E2E settings from the account used for the sync? In my test it copies data in plain, without the S3Drive rsync crypt wrapper. It's only using the selected S3 gateway, despite me having activated the additional private key for the connection in the account setting.
Avatar
Tom 7/28/2025 8:00 PM
Hi @DC, Thanks for your report. What's your OS? Are you using latest version? How did you configure Storj, did you connect using S3 credentials or perhaps used Rclone Storj configuration? Did you enable both E2E encryption and filepath encryption? (it should be enabled automatically with E2E content encryption). How do you verify that files aren't encrypted? Finally, what upload method did you use? Was it "Upload files", drag&drop, sync or perhaps mount? Thanks!
Avatar
Avatar
Tom
Hi @DC, Thanks for your report. What's your OS? Are you using latest version? How did you configure Storj, did you connect using S3 credentials or perhaps used Rclone Storj configuration? Did you enable both E2E encryption and filepath encryption? (it should be enabled automatically with E2E content encryption). How do you verify that files aren't encrypted? Finally, what upload method did you use? Was it "Upload files", drag&drop, sync or perhaps mount? Thanks!
DC 7/29/2025 5:34 AM
  • Linux Mint 22 Wilma base: Ubuntu 24.04 noble
  • S3Drive v1.14.4 (build: 10140400)
  • StorJ S3 cred added manually via S3Drive UI flow
  • S3Drive account settings for StorJ account: E2E + filename encr, but V1 cipher for standard rsync
  • S3Drive Free version, Sync feature: files in a local folder to StorJ S3 bucket, copy
  • no S3 mount (not possible in free version), no upload or drag&drop
  • no folders are part of the transfer, just files in a base folder to the bucket root!
  • expected: encrypted files show on StorJ web UI, but the sync-copy from the local folder is not encrypted after transfer. It looks like using the S3Drive Sync feature doesn't wrap the rclone sync around the S3 credentials, at least on the free version.
Not sure if the sync feature is intended to work on the free version with an S3 bucket, since the similar Drive mount is Ultimate version. But if its available it should wrap, or it needs a feature flag to exclude the sync for the Free version. Files uploaded through S3Drive UI (drag&drop) transfer to StorJ S3 bucket as expected with getting encrypted. note: I do have Rclone Browser (with default repo rclone 1.6... not 1.7...) installed locally and added StorJ S3 creds and the crypt wrapper using the key created from S3Drive, to verify the E2E decrypt option outside of the S3Drive app. But imho this shouldn't affect the S3Drive behavior, nor the credentials stored in S3 Drive. (edited)
Avatar
Tom 7/29/2025 7:26 AM
Thanks for this detailed description. I've configured sync to s3drive_bucket1, I've then enabled E2EE in the Profile/Account settings. This change doesn't apply automatically to existing Sync entries, since Rclone doesn't really support mixing both unencrypted/encrypted files. I think it's fair to assume that if unencrypted Sync config existed then some files were already synced. In such case please reselect the Remote using Modify/Configure sync. If E2EE is enabled then instead of s3drive_bucket1, the s3drive_enc_bucket1 will appear and from that point it will use the crypt wrapper properly. I hope that makes sense. If my guess regarding issue that you experience wasn't correct, please let us know, so we can troubleshoot further.
Image attachment
Image attachment
Image attachment
👍 1
Avatar
DC 7/29/2025 8:04 AM
Yes, I did indeed tinker around with E2E settings and might have created the sync task while the S3 account was without E2E setting active. I've redone the sync task and now the file shows encrypted at the StorJ S3 webview. Thanks for the clarification! For your consideration:
  • since the Sync feature seems global and not related to the S3 account, it might help to move the main menu list item closer to global settings: Account settings, Transfers (if per account) ---- Sync, Global settings, About, Remove, Quit. so this is understood intuitively.
  • if the global sync task list shows E2E and normal transfers in one singele list: color coding the sync list tasks, indicating if its using an E2E wrapper (green) might be useful.
Next few days I'll try to sync two remote S3 buckets with and without a local base folder and E2E. This way I can use one main S3 bucket for data, and sync to another S3 bucket at a different storage provider for out-of-region backup. If this works, S3Drive would be the first nice GUI tool on a Linux Desktop that can do this in the background, E2E, and give the user desktop access to the files in the usual way. (edited)
Avatar
Avatar
DC
Yes, I did indeed tinker around with E2E settings and might have created the sync task while the S3 account was without E2E setting active. I've redone the sync task and now the file shows encrypted at the StorJ S3 webview. Thanks for the clarification! For your consideration:
  • since the Sync feature seems global and not related to the S3 account, it might help to move the main menu list item closer to global settings: Account settings, Transfers (if per account) ---- Sync, Global settings, About, Remove, Quit. so this is understood intuitively.
  • if the global sync task list shows E2E and normal transfers in one singele list: color coding the sync list tasks, indicating if its using an E2E wrapper (green) might be useful.
Next few days I'll try to sync two remote S3 buckets with and without a local base folder and E2E. This way I can use one main S3 bucket for data, and sync to another S3 bucket at a different storage provider for out-of-region backup. If this works, S3Drive would be the first nice GUI tool on a Linux Desktop that can do this in the background, E2E, and give the user desktop access to the files in the usual way. (edited)
Tom 7/29/2025 8:41 AM
For your consideration: since the Sync feature seems global and not related to the S3 account, it might help to move the main menu list item closer to global settings: Account settings, Transfers (if per account) ---- Sync, Global settings, About, Remove, Quit. so this is understood intuitively. if the global sync task list shows E2E and normal transfers in one singele list: color coding the sync list tasks, indicating if its using an E2E wrapper (green) might be useful.
Thanks for your suggestion, we'll certainly have it in mind. We'll try to come up with something better indication in the near future. I can see now that this isn't clear exactly.
Next few days I'll try to sync two remote S3 buckets with and without a local base folder and E2E. This way I can use one main S3 bucket for data, and sync to another S3 bucket at a different storage provider for out-of-region backup. If this works, S3Drive would be the first nice GUI tool on a Linux Desktop that can do this in the background, E2E, and give the user desktop access to the files in the usual way.
Good luck, it's a pleasure to be part of this project and whenever I hear a positive comment from a Linux user, it really validates our direction 🙂 If you have any other ideas or need help regarding other aspects, don't hesitate to reach out to me!
👍 1
Exported 6 message(s)
Timezone: UTC+0