Can I decrypt a single file or a selection of files from an untrusted folder?

I’m wondering, is there a way I decrypt a single file or a selection of files from an untrusted folder? Or is there some way I can easily run Syncthing decrypt once like in verify mode, retrieve some sort of data (CSV, TSV, JSON) of encrypted file name = plaintext file name and in the second stage I tell Syncthing to which file(s) I want to have?

It doesn’t have to be perfect, I’m fine if I have to write a script for that. GitHub - charmbracelet/gum: A tool for glamorous shell scripts 🎀 could be quite useful to to get some of the UX parts of a shell script done with ease. Some of use cases either have resource constraints or I simply just don’t want to wait for a larger folder to decrypt completely. Right now from what I can see I would have to process the output of verify myself

I don’t think there’s a way to do this currently. Maybe the easiest would be to add a parameter to syncthing decrypt to match on the plaintext file name.

1 Like

That would be a great thing to have and more than I asked for. :slight_smile:

For what it’s worth, here’s a manual process that works today which you may be able to script.

First, run syncthing decrypt --verify-only --verbose to get a mapping from encrypted files to plaintext files. You’ll get something like this for a file you’re interested in:

Processing "3.syncthing-enc/G6/3C6IDQH6BB25CNROFUEEKV8GK9GLL5DIGKQB0VC0J81BQE0760RIPHS38LNIPFVUA376O38"
Plaintext filename is "2022/track-20220530-074220.gpx"

Then, copy the encrypted file and the folder marker to a temporary directory. Here, my encrypted data is in nmea.encrypted and I’m creating a temporary copy in tmp/ext.

% mkdir tmp/ext
% cp -r nmea.encrypted/.stfolder tmp/ext
% cp nmea.encrypted/3.syncthing-enc/G6/3C6IDQH6BB25CNROFUEEKV8GK9GLL5DIGKQB0VC0J81BQE0760RIPHS38LNIPFVUA376O38 tmp/ext

Then, decrypt the temporary directory (with just the one file in it) to somewhere.

% syncthing decrypt --verbose tmp/ext --to tmp/dec --password whatever
Found folder ID: dk3rr-ctslt
Plaintext filename is "2022/track-20220530-074220.gpx"
Data verified for "2022/track-20220530-074220.gpx"

You now have just the one decrypted file in tmp/dec.

But a pull request to add a filter parameter to the decrypt command would be welcome.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.