Skip to content

Export configuration password to env variable and only remember it for some time

Jump to bottom Edit New page
Andrei Shevchuk edited this page Feb 23, 2021 · 2 revisions

As configuration encryption docs mention:

If it is safe in your environment, you can set the RCLONE_CONFIG_PASS environment variable to contain your password, in which case it will be used for decrypting the configuration.

It also provides a short script to do so, which can be improved to only remember your password for some time (similar to sudo). For Unix like systems you can save this to a file somewhere in your $PATH, e.g. ~/.local/bin/rclone-unlock

#!/bin/echo Source this file don't run it

echo "Password:"

read -s RCLONE_CONFIG_PASS
export RCLONE_CONFIG_PASS

if [ -n "$RCLONE_PASS_TIMEOUT" ]; then
  pid=$$
  trap 'unset RCLONE_CONFIG_PASS' SIGALRM
  ( ( sleep $RCLONE_PASS_TIMEOUT ; kill -ALRM $pid ) & )

  echo -n "Password will be remembered in this session for $RCLONE_PASS_TIMEOUT"
  [[ $RCLONE_PASS_TIMEOUT =~ [smhd] ]] && echo || echo " seconds"
fi

Then source this file when you want to use it: . rclone-unlock. It will then ask you for the password and set it in the environment variable.

If you set password timeout to some amount of time (in format sleep accepts) with RCLONE_PASS_TIMEOUT environment variable, RCLONE_CONFIG_PASS will be unset after that time.

You can also clear RCLONE_CONFIG_PASS sourcing rclone-unlock as usual and then just hitting Enter (thus setting empty password).

rclone

"rsync for cloud storage" - Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, OneDrive, Swift, Hubic, Cloudfiles, Google Cloud Storage, Yandex Files https://rclone.org

Rclone

Clone this wiki locally