Hi,
Context: I have several folders on my syncthing machines, say:
I don’t mind if the pictures are transferred across the internet via relays, but I’d like to keep the credential sync under control in my home network.
Question: Is there a way I can enable relaying and nat traversal for specified folders only?
No, it’s a single connection for all folders.
Well that would be a useful feature 
Yet I suspect it’s a fairly large amount of work to make it happen.
Yeah well, if software was straightforward, we’d know by now.
Any other way round the problem you’d recommend? Maybe running two instances of syncthing on my backup system, one allowed relaying, the other not?
Yeah that would work.
As others said, the answer is no. But I’d like to clarify that relayed traffic is end-to-end encrypted with TLS. You shouldn’t worry about relays eavesdropping or modifying your traffic anymore than you’d worry about TLS without the X.509 PKI being broken.
Agreed, that’s why I don’t mind transferring pictures over the internet. However sometimes even TLS gets broken, so I’d rather keep my credentials behind closed doors Even if TLS 1.2 is broken 10 years from now, someone might have stored my data somewhere.
Then you shouldn’t use internet in general, as credential are only useful when authenticating with remote systems that happen to live on the internet, which happens to use TLS. If you were in the business of recording data and in 10 years recovering credentials, you would surely target ISP’s or large government websites rather than some relay server which carries questionable value traffic.
You may be right. I’ll look into it.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.