I have three Linux computers, with LUKS full disc encryption running syncthing.
They all sync to a synology NAS with syncthing running to a single folder.
Are the files still encrypted on the synology NAS?
I cannot encrypt the synology NAS because of the file character limit with ecryptfs and I have too many files longer than 143 characters so they won’t sync.
If the files aren’t encrypted on the synology NAS, do you have a recommendation on how to keep them encrypted on the NAS?
Files are encrypted only in transfer, not locally. If you want to encrypt them locally, you can share the folders password-protected and then add them as Receive Encrypted on the NAS. Please also check https://docs.syncthing.net/users/untrusted for all the details on how this works.
I’m having difficulty understanding the directions.
I have syncthing setup as “spoke” with the Synology NAS as the center with a single folder shared to three computers. The three computers are not directly synced to each other.
How would I set up the untrusted network with this configuration?
Do I have to enter the password every time I open a file or folder?
On other devices, you need to unshare the folders with the NAS first. Then, on the NAS, you should remove all folders, both from Syncthing and from the disk. Then, on other devices, you need to share the folders with the NAS again but this time with a password set. Then, on the NAS, you should accept the folders as Receive Encrypted (which they should be set to automatically already).
Also, this isn’t really important in this case, but normally it’s more efficient to just connect all devices with each other. It’s also much less prone to failures, as currently, if the NAS goes down, then the whole sync will stop. There are exceptions to this rule, e.g. when using a very large number of devices, etc. but they don’t seem to apply here.
It shouldn’t matter but I prefer to do this one by one. Make sure you only set a password when sharing the folder on each devices with the NAS. If you decide to share the folder between your other devices as well, then you should not set any password for them. Basically, the password is set on a per-device basis and you can use different passwords when sharing the folder with different devices.
Ok, I set up everything and tried to sync one of my computers to the NAS but I’m getting “Error on folder “Sync” (xwtz4-pfx9b): folder marker missing (this indicates potential data loss, search docs/forum to get information about how to proceed)”
I had deleted the Sync folder through the syncthing gui on the NAS and also completely deleted the folder on the NAS disk as you suggested.
I’ll try rebooting the NAS and see if that works.
Did I need to create an actual folder on the NAS before doing this or will syncthing automatically create the folder? That may be the issue.
Difficult to say what is going on exactly. Can you post screenshots of the whole Web GUI from all devices? Also, the global state being zero doesn’t look right.
No problem . Glad that you’ve managed to get the sync going.
What is the hardware on the NAS? Syncthing itself is quite heavy on resources, however I don’t think encryption should affect it negatively in this case, as a Receive Encrypted folder doesn’t really decrypt anything. It just stores and shares files in their encrypted state.