Encrypt "local" Data at remote site

(Jean-Francois Bourdeau) #1

Suppose I install a syncthing on a remote.

But that I want the data encrypted encrypted at the remote site for security reason ( in case it is stolen or whatever reason someone access it).

Does Syncthing has something for that ? Just curious…

Else I just have to use the OS (linux) built in encryption and have a good password.

I know the exchange of data over the net is secure but was wondering if Syncthing would make the OfficeSite server secure or if,s more the OS that would handle that part


(Audrius Butkevicius) #2

No, there is a 4 year old ticket asking to implement this.


I’d recommend EncFS or CryFS for that use case.

I have used both and they work very well if you are in a “sync to untrusted third party (ie. Dropbox)” scenario.

EncFS is well established and has received security audit.

CryFS in theory has better security, but did not receive as much scrutiny, and is also a bit young. For example the stable version does not support the “noatime” mount options, so that generates needless file block updates, even in idle workloads. If two devices sharing the same folder are online at the same time, this is a sure way to generate sync conflicts. Also the fact that they chose to go with CMake as a build system, for a new project in this day and age, is also insane in my opinion.

(uok) #4

Related issue: #109

I use Duplicati for backup together with Syncthing. It works really well but you need twice the space because files need to be encrypted before they can be transferred/synced. It also uses blocks and deduplication so not much data is transferred after each backup.