I know a little how Syncthing does its crypto-magic. It uses a custom BEP (Block Exchange Protocol) which is similair to Bittorrent. The nodes handshake with SSL/TLS in a strict mode on a custom non 443 port. When I use the non default port my two nodes don’t connect with a corporate firewall of Forti(gate) which basicly cuts an SSL/TLS connection for deep packet inspection (DPI) which is in practice an SSL/TLS MITM proxy. I never got it working to punch a hole in the firewall at work. So probably it seems als to inspect even on non 443 ports it is SSL/TLS traffic on those standard ports.
Does Syncthing something related to “SSL Pinning” for maximum security?
When I SSH to a machine from inside the corporate network and tunnel over SOCKS proxy with HTTP(s) with a browser everything works fine. Of course this works because SSH MITM firewall proxy server bullshit will choke the SSH connection because they do al kind of weird time based key rotation for sessions.
Sorry for my crying at this setup. But I would like to know how to punch a hole in the firewall to use Syncthing without much effort and a vanilla build. Worst case I can shoot an SSH tunnel and tunnel TCP over it and connect syncthing on both ends but that is boring.
Syncthing device IDs are essentially certificate pinning. It won’t work to have a MITM proxy (by design).
This will work, and may be your only an option if there’s no other way to get a TCP (or QUIC) connection through the firewall.
Edit: Actually, another option may be to use a relay. There’s some device ID authentication there as well of the relay, but it doesn’t really have to match anything apart from what Syncthing on the inside sees. It doesn’t matter if it’s MITM:ed, because we negotiate another TLS channel inside which the proxy should hopefully leave alone.
So, you might be able to set up a relay yourself, have your firewall-inside device connect to it, it will complain about the device ID mismatch, you change the expected device ID to suit, and then be good to go.
So basicly the relay makes an SSL connection to the MITM firewall proxy and on top of that the client connecting to the relay will “shoot another TLS channel through the relay via the firewall which is probably not intercepted because it is dual layer crypto” ?
I would prefer the last solution because it is semi-transparent for the client. And I don’t need to fight with keeping SSH tunnels alive under windows.
However, this approach requires the certificate’s fingerprint of the MITM firewall to remain constant - otherwise you would have to keep adjusting your configs all the time. I don’t have enough experience with Fortigate to know whether it generates new certs all the time or keeps reusing them for a significantly long period.
The relay authenticates its connected devices based on the sent client certificate:
A “Split TLS” proxy such as the Fortigate firewall will usually be unable to provide any client certificate. It cannot use the real client’s certificate (TLS security design prevents this), so the only thing it could do is to make up its own fake cert on the fly. This on the other hand means that the relay will compute a wrong device ID, which then means that session invitation/session joining won’t work since the IDs are all wrong.
Syncthing (and TLS in general) is really well designed to resist any kind of MITM . Trying to do MITM for TLS inspection is a mistake in the first place IMHO. I know it’s not your fault though.
The certificates will be rotated because of expiry times. I’m not sure which expiry time it has set as I have not analyzed it. But then things break once in a time and I need to monitor that by hand which is a pain. The firewall ssl proxy certificate is pushed to the desktop system probably by Microsoft domain controller to the Windows certificate store. Yeah lets talk about the joy of PKI
So the story did continue. The corporate SSL deep packet inspection (DPI) will still be enable for our VLAN. So its still possible to shoot a SSH SOCKS proxy to home and connect Syncthing through this as it is immune to SSL introspection.
The documentation is in sublime conditions for using proxies.
Basicly this means:
ssh -D 1337 -q -C -N jerry@<my home domain>.org # SSH Tunnel on windows with SSH on WSL (windows subsystem for linux)
# And synctrayzor environment variables
export all_proxy=socks5://127.0.0.1:1337
export ALL_PROXY_NO_FALLBACK=1
. Trying to do MITM for TLS inspection is a mistake in the first place IMHO. I know it’s not your fault though.
Scrap that idea, then.