Issue with restic/rclone

Greetings,

Storj increased their minimum spend by 10x, and I decided to take a look at Backblaze for doing incremental backups. I was able to rclone all restic repos over on the test box, and the existing accounts work fine.

When I create a new user, the system tries to run a backup - it sees there is no restic.conf file (containing the restic password for that user), and it attempts to initialize. I get a message saying:

rclone: 2026/06/03 12:11:12 ERROR : : Create repo failed to Mkdir: operation error S3: CreateBucket, https response error StatusCode: 403, RequestID: xxx, HostID: xxx, api error AccessDenied: not entitled
Fatal: create repository at rclone:backblaze:/some.domain.com/someuser failed: server response unexpected: 500 Internal Server Error (500)

Once it errors here, it then creates the restic.conf file and subsequent runs complains :

Fatal: unable to open config file: does not exist
Is there a repository at the following location?

It appears like Backblaze does not let you create a directory, you are supposed to just reference it and it will work. Here is why I say that:

#rclone mkdir backblaze:/some.domain.com/test2

2026/06/03 12:23:09 NOTICE: S3 bucket some.domain.com path test2: Warning: running mkdir on a remote which can’t have empty directories does nothing
2026/06/03 12:23:09 ERROR : Attempt 1/3 failed with 1 errors and: operation error S3: CreateBucket, https response error StatusCode: 403, RequestID: xxx, HostID: xxx, api error AccessDenied: not entitled
2026/06/03 12:23:09 ERROR : Attempt 2/3 failed with 1 errors and: operation error S3: CreateBucket, https response error StatusCode: 403, RequestID: xxx, HostID: xxx, api error AccessDenied: not entitled
2026/06/03 12:23:09 ERROR : Attempt 3/3 failed with 1 errors and: operation error S3: CreateBucket, https response error StatusCode: 403, RequestID: xxx, HostID: xxx, api error AccessDenied: not entitled
2026/06/03 12:23:09 NOTICE: Failed to mkdir: operation error S3: CreateBucket, https response error StatusCode: 403, RequestID: xxx, HostID: xxx, api error AccessDenied: not entitled

Anyone here had any experience with this or what maybe to look at? I searched through the hestia/bin folder for anything rclone and mkdir and find nothing, so not sure whats trying to make the directory.

Thanks,

I don’t know if this is related, but I was trying to set up a backup to Backblaze yesterday using restic and failed to get it to work - lots of 403/permission errors. AI advice had me deleting and re-issuing keys with more and more privileges (ListBuckets, ListAllBucketNames etc), until it started suggesting that I let it have full privileges. At that point I set up a bucket in Cloudflare storage instead and it worked instantly.
However, I’ve set up Backblaze before without this hassle. I’m wondering if they changed something recently, or there is a bug.

Im still struggling here. Im not sure that its HestiaCP itself, or maybe it is. I have no idea. I am just trying to run restic -r “rclone:backblaze:bucketname/test” init and its failing.

rclone: 2026/06/09 12:56:16 ERROR : : Create repo failed to Mkdir: operation error S3: CreateBucket, https response error StatusCode: 403, RequestID: xxx, HostID: xxx, api error AccessDenied: not entitled
Fatal: create repository at rclone:backblaze:bucketname/test failed: server response unexpected: 500 Internal Server Error (500)

Seems like it might actually be in the restic/rclone combination, but not sure?

I was able to resolve it. The issue appears to be a compatibility issue with Backblaze and S3 and how rclone was trying to write files. I switched the backend from S3 and Other to b2, and it just took off and worked. Since restic is using rclone for backend, it required no other change to make things work. Thanks

Interesting. Can you share the details of what worked and what didn’t.
I’m trying to solve a similar problem: I synced a local repo up to backblaze using rclone. But when I try to access it with restic, it can’t find the config file (which is sitting there in plain sight). I’m thinking somehow the two tools use different protocols.