Proposed new encrypted node type

I’ve just spent about 5 minutes with reading the docs, but I hope I understood the current architecture well to ask this question. So if I’m right, Syncthing can only work between machines when at least two nodes are online. This can be fine if you have two machines, online for enough time for syncing. But what if you have those two machines (let’s say they are laptops), used exclusively? You need a third machine, which is always online (or at least online for periods when you want to sync). That may be fine, but there is a problem: it will have all the (unencrypted) data, which may be unnecessary if it’s just for ensuring that the two real nodes can sync to/from.

So I would like to propose an encrypted, repository, safe or something like node type, which can be used the same as current Synthing hosts, but it stores everything in an encrypted manner.

So if you fire up a node in the cloud, you can use that for syncing your two laptops, the data will always be there, but would be available only with a private key, stored only on the “normal” nodes.

If implemented properly, this machine could be an untrusted one, still capable of acting as a normal Syncthing node with the exception that you can’t read the data on it if you don’t have the encryption key(s).

Any ideas?

1 Like

You are not the first suggesting such a feature:

https://www.bountysource.com/issues/1474343-support-for-file-encryption-e-g-non-trusted-servers

Agreed! It’s an essential feature if you want to swap always-on untrusted boxes with your friends, or have a VPS on any public cloud platform.

According to BountySource, there’s now a $4,080.00 USD reward on this. I’ll be adding to it yet again, and (if you have the means) I’d suggest you do too. :slight_smile:

Here’s hoping it happens. I’d love to ditch Resilio (which does exactly what you’re asking, but is closed-source and unvetted) and Dropbox (which… ugh, yeah) entirely. Syncthing is just so awesome in every other way! <3