Hi Joseph Curto thats a good point to raise and I can see what you mean. Nice to see you’re like me and interested by GocryptFS — really great project.

In GoCryptFS creates these files on init and the dir file is also created in each directory too. But these files themselves are salted an ecrypted and can only be made into sensible data when you mount/input password on the host machine.

With Rclone, config files can be copies and potentially used to mount encrypted drives/decrypt them but this is easily avoided by password protecting your config files.

I hope this clears things up! GoCryptFS has been subject to a security audit and if you have the time, its worth the read!! You’ll learn the mitigation techniques used and the developer took actionable steps against the report.

https://defuse.ca/downloads/audits/gocryptfs-cryptography-design-audit.pdf