Encrypt all content on one/multiple devices

msjsc001 · August 23, 2023, 7:48am

Hello developers.

Is it possible to add a feature that says, “Encrypt all content on one/multiple devices”?

Since I will be using syncthing to help sync other devices on a cloud server, I don’t want to give the cloud server provider access to the content of the files I need to sync for privacy reasons.

I would like to have the option to have the encrypted content be fully encrypted and not be accessible by others when syncthing as a relay to sync content when using a third party server.

I know that I can use software like CRYPTOMATOR to encrypt the files before transferring them, but this is not convenient because some devices can’t see the contents in time and don’t support the installation of such software.

I made the request on github but it was closed.

github.com/syncthing/syncthing

Encrypt all content on one/multiple devices

opened 07:31AM - 23 Aug 23 UTC

closed 07:40AM - 23 Aug 23 UTC

msjsc001

enhancement needs-triage

Hello developers. Is it possible to add a feature that says, "Encrypt all con…tent on one/multiple devices"? Since I will be using syncthing to help sync other devices on a cloud server, I don't want to give the cloud server provider access to the content of the files I need to sync for privacy reasons. I would like to have the option to have the encrypted content be fully encrypted and not be accessible by others when syncthing as a relay to sync content when using a third party server. I know that I can use software like CRYPTOMATOR to encrypt the files before transferring them, but this is not convenient because some devices can't see the contents in time and don't support the installation of such software.

er-pa · August 23, 2023, 8:28am

As stated in the Github-issue; that is already possible. In Syncthing you can find it under untrusted devices, see Untrusted (Encrypted) Devices — Syncthing documentation for more details.

Basically, when sharing a folder with a device - you can set a password. When that password is set it’ll become an encrypted folder for that specific device and the folder’s type (on that device, when accepting it) will be receive encrypted.

On a side-note (since you mentioned relay combined with third party as a sub-reason to want this), the connection between two devices is already end-to-end encrypted. The relay only retransmits the encrypted data much like a router and cannot access the plain content either way (more info: Relaying — Syncthing documentation).

Wank · August 23, 2023, 10:40am

FYI,

Cryptomator works everywhere pretty much. Android, iphone/ipdad, macos, Linux. Only hassle is they charge $$ for smart phones. Desktops are free.

There is another nice little handy tool that does file encrytion from source to destination. It’s client side encryption, so all files get encrypted before they land on the cloud server. You already have a solution from somebody else for this specific issue I just wanted to let you know that there’s another program out there like cryptomator that is open source it’s a command line utility and works on Windows Linux and Mac. No phone support.

Cryptomator works everywhere pretty much. Android, iphone/ipdad, macos, Linux.

It’s called Rclone. You can encrypt files by moving them from one folder to another folder on the same computer or from the local computer to a cloud drive. over forty different cloud drive providers are supported. You can use it to easily mount cloud drives on Linux. Get to your Onedrive files from Linux for example.

I keep all of my cloud drive files encrypted with Cryptomator.

It’s only a command line tool, and not for novice users. Cryptomator is easy for everyone, and works on phones.

This gives you a batch file or scripting option to encrypt data. So long as you know how to write scripts on different operating systems.

Anyway, post your results, this sounds like a very interesting project.