diff --git a/src/duplicacy_backupmanager.go b/src/duplicacy_backupmanager.go
index 2fa3fa2a..1859eccc 100644
--- a/src/duplicacy_backupmanager.go
+++ b/src/duplicacy_backupmanager.go
@@ -1732,7 +1732,11 @@ func (manager *BackupManager) CopySnapshots(otherManager *BackupManager, snapsho
 			newChunk := otherManager.config.GetChunk()
 			newChunk.Reset(true)
 			newChunk.Write(chunk.GetBytes())
-			newChunk.encryptionVersion = chunk.encryptionVersion
+			if chunk.encryptionVersion == ENCRYPTION_VERSION_RSA {
+				newChunk.encryptionVersion = CHUNK_RSA_ENCRYPTION_ENABLED
+			} else {
+				newChunk.encryptionVersion = CHUNK_RSA_ENCRYPTION_DISABLED
+			}
 			chunkUploader.StartChunk(newChunk, chunkIndex)
 			totalCopied++
 		} else {
diff --git a/src/duplicacy_chunk.go b/src/duplicacy_chunk.go
index 37d74887..d66726d1 100644
--- a/src/duplicacy_chunk.go
+++ b/src/duplicacy_chunk.go
@@ -63,14 +63,21 @@ type Chunk struct {
 	config *Config // Every chunk is associated with a Config object.  Which hashing algorithm to use is determined
 	// by the config
 
-	encryptionVersion byte // The version type in the encrytion header
+	encryptionVersion byte // The version type in the encrytion header; for a chunk to be copied, this field contains
+	// one of the CHUNK_RSA_ENCRYPTION_* constants to indicate how the new chunk should be encrypted
 }
 
 // Magic word to identify a duplicacy format encrypted file, plus a version number.
 var ENCRYPTION_HEADER = "duplicacy\000"
 
+// RSA encrypted chunks start with "duplicacy\002"
 var ENCRYPTION_VERSION_RSA byte = 2
 
+// These constants are used to control how a new chunk should be encrypted by the copy command
+var CHUNK_RSA_ENCRYPTION_DEFAULT byte = 0   // No RSA encryption explicitly requested
+var CHUNK_RSA_ENCRYPTION_DISABLED byte = 1  // The RSA encryption should be turned off
+var CHUNK_RSA_ENCRYPTION_ENABLED byte = 2   // The RSA encryption should be forced on
+
 // CreateChunk creates a new chunk.
 func CreateChunk(config *Config, bufferNeeded bool) *Chunk {
 
@@ -193,7 +200,10 @@ func (chunk *Chunk) Encrypt(encryptionKey []byte, derivationKey string, isSnapsh
 
 		key := encryptionKey
 		usingRSA := false
-		if chunk.config.rsaPublicKey != nil && (!isSnapshot || chunk.encryptionVersion == ENCRYPTION_VERSION_RSA) {
+		// If encryptionVersion is not set, use the default setting (RSA for file chunks only);
+		// otherwise, enable RSA encryption only when explicitly requested
+		if chunk.config.rsaPublicKey != nil &&
+		    ((!isSnapshot && chunk.encryptionVersion == CHUNK_RSA_ENCRYPTION_DEFAULT) || chunk.encryptionVersion == CHUNK_RSA_ENCRYPTION_ENABLED) {
 			// If the chunk is not a snpashot chunk, we attempt to encrypt it with the RSA publick key if there is one
 			randomKey := make([]byte, 32)
 			_, err := rand.Read(randomKey)