Thanks for the research. Question, I am running Duplicati in a Docker container running on a Synology NAS - and neither the container nor Diskstation (Synology NAS OS) contain rclone… so I guess this is not an option?
Could you not mount a volume in that Docker container with rclone in it? Sorry I don’t really know much about that config.
Hi,
did you “rclone mount” it first?
Sorry I really don’t know, I use Duplicati on Windows. I didn’t mount anything, I just set up rclone on the machines doing the backup along side where Duplicati was running.
Just got another response from Jottacloud support:
“Hi!
We are looking into the issue Duplicati users are reporting regarding authentication, to see if we can make a temporary fix as a one-off for this specific issue. No change in our policy regarding support of third-party apps/services.”
So maybe it is not all lost after all, except that in time of course Duplicati would have to be able to work without this “temporary fix”…
I received the same answer from Jottacloud after asking them what and how they will suppoert in the future:
We are looking into the issue Duplicati users are reporting regarding authentication, to see if we can make a temporary fix as a one-off for this specific issue. No change in our policy regarding support of third-party apps/services.
The question - whether the end of service was announced (prior the switch off) in a user friendly manner, in order the affected customer can find alternativ solution - wasn’t answered yet.
Got the same copy and paste response after I complained that this move had not been announced at all.
My main concern at this point is that the CLI token is not withdrawn too. That would break rclone.
Moving away from basic auth is an important security upgrade for our users, and we are very reluctant to reverse this change. We have re-enabled it for Duplicati users, but Duplicati needs to find a fix before June 1st 2022 at, when it will be disabled.
Can confirm, that is also what I got from JottaCloud support:
Blockquote
|### Nathan from Jottacloud|9:31 AM (1 minute ago)||
![]() |
---|
to me |
|
Moving away from basic auth is an important security upgrade for our users, and we are very reluctant to reverse this change. We have re-enabled it for Duplicati users, but Duplicati needs to find a fix before June 1st 2022 at, when it will be disabled.
Blockquote
What are the odds we could get a fix by then?
I kinda understand the move, in my company we use SAML/OIDC for all authentication outside own network - this will only intensify, so duplicati should support those even if not related to jottacloud.
I 100% agree. Also, I just confirmed I had a successful backup so we’re good (for now).
Got the same message from Jottacloud support and also confirm backups run once again. The June deadline is one that Duplicati can hopefully make…
Well even if they don’t meet the deadline, at least this gives us some runway to look at other options.
What else would they support? That, plus the scarcity of developers (any out there?) may raise issues.
If a developer-volunteer can sort this out soon, Canary releases can be done, but they’re less “proven”.
The schedule for Beta releases (which is as high as it goes now) is basically not-very-often these days.
Got scared over the weekend, that my Jottacloud was hacked.
Now I know the reason, why it isn’t working anymore.
Unfortunately I still get the 401 error even so Jottacloud support says otherwise? Any suggestions?
Works for me now, no change needed on my side.
Really hope that we can get OIDC working in Duplicati, as this is the cheapest option for my 7TB of backups…
I can confirm that Duplicati is working again, but only until June.
The rclone option seems to be stable.
There are lots of things that Duplicati could/should do, and it is entirely limited by what developers help.
[s3][minio] Feature request : authentication using OpenID #4199 is an open issue also asking for OIDC.
As a community project developed by volunteers, is that an offer to help solution? You sound technical.
Jottacloud removed basic authentication, Duplicati can no longer connect #4697 is my latest deep post which points out not only the technical but also the staffing challenge. There is hope, but it needs work. Anybody who knows authentication standards, C#, Python, Google App Engine, etc. is invited to help…
As with all Duplicati things, there is more demand for things than volunteer resources to provide supply. Even people helping on the forum, testing, reading/writing manuals (all not hugely hard) would help out.
You can keep an eye on the GitHub issue, and see if anybody jumps onto this hard. Any jumpers here?
Anybody know what this part of the Jottacloud Mar 25 tweet means? Asking experienced service users. Dealing with storage providers that sound like they don’t really want us there is just asking for trouble…
True, but not a developer, unfortunately. Subbed to both githubs, let’s what’s explored already.
I wouldn’t be really surprised if they wanted to get rid of all “personal” accounts (most of duplicati users probably) even from business (non-technical) perspective as the price for 10TB is 6x more in the “home” variant.