today I tried to restore some files from an encrypted node.
It’s a test for an emergency scenario, but unfortunately it didn’t work and now takes away some of my confidence.
The error is “chacha20poly1305: message authentication failed”.
I think it only occurs with one file, at least the error in the logs only occurs once and the remaining thousand files were probably recovered.
After decrypting, compare the decrypted folder against the original folder to find the damaged file.
A major difficulty with file encryption is that any filesystem corruption makes things much more difficult to recover from compared to when files aren’t encrypted, so it’s generally a good idea to have a proper backup of the unencrypted files. It’s also very helpful to run diagnostics on the storage device and the filesystem volume to detect and repair errors as early as possible.
The error shown in OPs post comes from the syncthing decrypt command. It can’t decrypt the file since the authentication is broken, which is obviously checked by the decrypt command.
Based on the first “processing” message, it appears that it tries to decrypt a temp file from syncthing. This temp file may be a leftover, or an indication that sync was ongoing while you ran the decrypt. In any case, this temp file doesn’t appear to be an “actual” file. The decrypted filename also doesn’t seem to relate to an actual file on your filesystem.
I would check whether you’re actually missing files and if not, you can just ignore that error. It doesn’t appear to be related to anything real.