Jottacloud Error 401 (Unauthorized)

Moving away from basic auth is an important security upgrade for our users, and we are very reluctant to reverse this change. We have re-enabled it for Duplicati users, but Duplicati needs to find a fix before June 1st 2022 at, when it will be disabled.

1 Like

Can confirm, that is also what I got from JottaCloud support:

Blockquote
|### Nathan from Jottacloud|9:31 AM (1 minute ago)||

|
| — | — | — |
|to me

|

Moving away from basic auth is an important security upgrade for our users, and we are very reluctant to reverse this change. We have re-enabled it for Duplicati users, but Duplicati needs to find a fix before June 1st 2022 at, when it will be disabled.

Blockquote

What are the odds we could get a fix by then? :pray:

I kinda understand the move, in my company we use SAML/OIDC for all authentication outside own network - this will only intensify, so duplicati should support those even if not related to jottacloud.

I 100% agree. Also, I just confirmed I had a successful backup so we’re good (for now).

Got the same message from Jottacloud support and also confirm backups run once again. The June deadline is one that Duplicati can hopefully make…

Well even if they don’t meet the deadline, at least this gives us some runway to look at other options.

1 Like

What else would they support? That, plus the scarcity of developers (any out there?) may raise issues.
If a developer-volunteer can sort this out soon, Canary releases can be done, but they’re less “proven”.
The schedule for Beta releases (which is as high as it goes now) is basically not-very-often these days.

Got scared over the weekend, that my Jottacloud was hacked.
Now I know the reason, why it isn’t working anymore.
Unfortunately I still get the 401 error even so Jottacloud support says otherwise? Any suggestions?

Works for me now, no change needed on my side.

Really hope that we can get OIDC working in Duplicati, as this is the cheapest option for my 7TB of backups…

I can confirm that Duplicati is working again, but only until June.

The rclone option seems to be stable.

There are lots of things that Duplicati could/should do, and it is entirely limited by what developers help.
[s3][minio] Feature request : authentication using OpenID #4199 is an open issue also asking for OIDC.

As a community project developed by volunteers, is that an offer to help solution? You sound technical.

Jottacloud removed basic authentication, Duplicati can no longer connect #4697 is my latest deep post which points out not only the technical but also the staffing challenge. There is hope, but it needs work. Anybody who knows authentication standards, C#, Python, Google App Engine, etc. is invited to help…

As with all Duplicati things, there is more demand for things than volunteer resources to provide supply. Even people helping on the forum, testing, reading/writing manuals (all not hugely hard) would help out.

You can keep an eye on the GitHub issue, and see if anybody jumps onto this hard. Any jumpers here?

Anybody know what this part of the Jottacloud Mar 25 tweet means? Asking experienced service users. Dealing with storage providers that sound like they don’t really want us there is just asking for trouble…

1 Like

True, but not a developer, unfortunately. Subbed to both githubs, let’s what’s explored already.

I wouldn’t be really surprised if they wanted to get rid of all “personal” accounts (most of duplicati users probably) even from business (non-technical) perspective as the price for 10TB is 6x more in the “home” variant.

I’m pretty sure that the business goals connect to the technical non-support. Companies need money. Volunteer operations like Duplicati need donated services (because money is too little to hire people).

Inexpensive Cloud Storage Option has some comments on the perils of good deals for the consumer.
There’s a startup’s failure there. For a big-business failure, look at Amazon Cloud Drive discontinued.

Backblaze is an interesting business. Their personal backup client aims for high simplicity, which means an unlimited storage model. For how that flies, do a web search for “backblaze” “lives on the averages”. People who want fancy backup programs pick what they like, and pay for just what they use on B2 side.

If there is anybody out there interested in trying syncosync as an “independent from cloud vendors”, “cost sensitive”, “fire and forget” personal cloud alternative, I’d be happy to help in setting the thing up - if there is the need for help above documentation…

1 Like

That looks like it could be the perfect solution for my problem! Thanks for this project - already texted a potential “sync buddy”!

1 Like

Here is an answer from Jottacloud, what they’re going to support:

We’ll be using openID. When it comes to third-party services, such as Duplicati, they are still not officially supported.

Thank you for reporting.

Jottacloud never published an official API, but it has been reverse engineered and used in different projects, since maybe 2014. They are obviously not opposed to such use even if not officially endorsing it, e.g. based on the fact that they re-enabled legacy auth after Duplicati user’s feedback, and in the past they even encouraged it in the old forum.

Its been working in Duplicati since 2017 and in rclone since 2018, in rclone with the new authentication since end of 2019. I think there is a chance we can get a working Jottacloud backend in Dupliati using the current OpenID/OAuth based authentication (#4699 and #7). Even though we have no guarantees, I would expect that to work for years to come. Its not like Jottacloud does changes very often, see their blog for instance.

On Twitter they said that the CLI token will remain available. That token works with rclone, which in turn works with Duplicati.

Could you explain this a bit more in detail please?
I am trying to setup rclone with duplicati but Im failing.
Got rclone working from cli with Jottacloud. But I do not know how to configure Duplicati.

What I did for the local repo:

  1. Synced the Duplicati tmp folder to another tmp folder for rclone

rclone sync -i /share/CACHEDEV1_DATA/.qpkg/Duplicati/tmp /share/CACHEDEV1_DATA/.tmp/rclone

  1. configured duplicati

  2. Testing the connection gives me the following error
    Failed to connect: Missing config file? 2022/04/13 21:15:25 NOTICE: Config file "/share/CACHEDEV1_DATA/.qpkg/Duplicati/.config/rclone/rclone.conf" not found - using defaults2022/04/13 21:15:25 Failed to create file system for "Jotta:Backup": didn't find section in config file

What am I missing?

Hi FreaQ. You need to first configure rclone from the command line:

You need to create two remotes, one for Jottacloud and one for local. The local one must be local file storage, in-memory doesn’t work.

Once you have those set up, configure Duplicati like this:

2 Likes