How do I generate new *.pem files for my current configuration?

Hello!

I have the following configuration files (my dotfiles) in a public Git repo:

jorge@sanson-gnu ~/.config
> $ tree -L 2                                                                                                              [±master ✓]
.
└── syncthing
    ├── cert.pem
    ├── config.xml
    ├── config.xml.v4
    ├── config.xml.v5
    ├── csrftokens.txt
    ├── https-cert.pem
    ├── https-key.pem
    └── key.pem

1 directory, 8 files

I realized this was a huge mistake and I want to change all *.pem files to ensure I cannot be impersonated by any attacker.

I know there is a syncthing -generate="blah" command, but deleting ~/.config/syncthing and issuing syncthing -generate="syncthing" at ~/.config/ does not generate new private cryptographic keys of any type.

My Syncthing version is syncthing v0.14.49 "Dysprosium Dragonfly" (go1.10.3 linux-amd64).

You can just delete the existing ones and restart Syncthing, I think.

My -generate does take a parameter. But yes, in the default location new keys will be created if they are missing.

jb@kvar:~ $ syncthing -generate=asdasd
09:03:04 INFO: Device ID: QTTGN4V-JDTYDZ4-WDQBR3B-K4OBARL-PPA7KGO-XAPAEA3-AF5SUWN-YLIWOAI
09:03:04 INFO: Default folder created and/or linked to new config
jb@kvar:~ $ ls -l asdasd/
total 24
-rw-r--r--  1 jb  staff   615 Aug  2 09:03 cert.pem
-rw-------  1 jb  staff  3638 Aug  2 09:03 config.xml
-rw-------  1 jb  staff   288 Aug  2 09:03 key.pem
jb@kvar:~ $

Remember, you will have to accept the new device ID on your existing devices.

Yes, deleting the configuration and accepting the new ID did the job, thanks!
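To confirm a rotation like the one in this thread actually took effect, the sketch below (an added example, not part of the thread and not Syncthing's own code) recomputes the device ID from a cert.pem and compares the leaked certificate with the current one. It relies on Syncthing's documented derivation of the device ID (SHA-256 of the certificate's DER encoding, base32 with check characters); the function names and the two file-path arguments are assumptions made for illustration.

```python
import base64
import hashlib
import ssl
import sys

B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"

def luhn32(group: str) -> str:
    """Check character Syncthing appends to each 13-character group."""
    total, factor = 0, 1
    for ch in group:
        addend = factor * B32.index(ch)
        factor = 2 if factor == 1 else 1
        total += addend // 32 + addend % 32
    return B32[(32 - total % 32) % 32]

def device_id_from_der(der: bytes) -> str:
    """SHA-256 of the certificate DER, base32, check characters, dashes."""
    raw = base64.b32encode(hashlib.sha256(der).digest()).decode().rstrip("=")
    body = "".join(raw[i:i + 13] + luhn32(raw[i:i + 13]) for i in range(0, 52, 13))
    return "-".join(body[i:i + 7] for i in range(0, 56, 7))

def device_id_from_pem(path: str) -> str:
    """Device ID for a cert.pem on disk (only the public certificate is read)."""
    with open(path) as fh:
        return device_id_from_der(ssl.PEM_cert_to_DER_cert(fh.read()))

def is_well_formed(device_id: str) -> bool:
    """True if all four check characters of a copied device ID are valid."""
    body = device_id.replace("-", "").upper()
    if len(body) != 56 or any(c not in B32 for c in body):
        return False
    return all(luhn32(body[i:i + 13]) == body[i + 13] for i in range(0, 56, 14))

def key_was_rotated(leaked_cert: str, current_cert: str) -> bool:
    """True if the running certificate no longer maps to the leaked device ID."""
    return device_id_from_pem(leaked_cert) != device_id_from_pem(current_cert)

if __name__ == "__main__":
    if len(sys.argv) == 3:  # e.g. old cert.pem from git history, new cert.pem
        print("rotated" if key_was_rotated(sys.argv[1], sys.argv[2]) else "STILL THE LEAKED KEY")
    else:  # constructed bytes standing in for a certificate, not a real one
        print(device_id_from_der(b"constructed sample, not a real certificate"))
```

The leaked device ID should also be removed from the configuration of every other device, since whoever holds the published key.pem can still present it.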
