Settings:hacker access & much more


#1

Hello, i have several questions but lets begin with a first one:

@ logging on Syncthing (on HP server with Open Media Vault Os)i get following message: “Danger! The Syncthing admin interface is configured to allow remote access without a password. This can easily give hackers access to read and change any files on your computer. Please set a GUI Authentication User and Password in the Settings dialog.”

But first let me know u my evironment: Synology Nas to Open media vault Nas connected on router with iets own firewal.Im not using option global nor im ever intended. Install of Syncthing on Synology went without any problem.After setup same message disappeaerd(Nas firewall is on). Open media vault have no firewal.To OpenMediaVault Syncthing im reaching with server/OMV ip adres with :8384

Is it needed for Openmediavault to have firewall? Or are there some options within Syncthing that i need to make active or non active? Or shall i just ignore warning?

P.S.And YES,i did make “GUI Authentication User and Password” but i still get warning. “Use HTTPS for GUI” will not “save”.


(Audrius Butkevicius) #2

Sorry, but it’s very hard to understand what you are asking. You should setup username and password, and use HTTPS for best security.


#3

I`m sorry,to much description…

I did setup a user and password. Syncthing does not save HTTPS if set true(button active). At every login HTTPS is non active-so it does not save that option. Probably because it is via Openmediavault ip adres?!

How to get warning a way or just ignore it?

Actually, as far as logic thinking makes me…how to setup a an direct Syncthing ip address, avoiding Open media vault ip address? In that case i would be able to use HTTPS.

I was trying to do my self, but did not succeed it.


(Audrius Butkevicius) #4

You should just ignore the https warning. If https setting does not get saved you should look at chrome debug tools for issues, or perhaps it’s overriden on the command line by the media vault plugin


(Jakob Borg) #5

Worth noting as well that the HTTPS checkbox in our settings does almost nothing. The only thing it does is enables a redirect to enforce HTTPS. You can use HTTPS to the Syncthing GUI with this checkbox disabled just fine.


#6

So the warning “This can easily give hackers access to read and change any files on your computer.” can be easy ignored?! I can live with that!

Lets go on second question:

Setings -> tab General -> Minimum Free Disk Space %,kb,mb,etc.

I readed a lot about this option as in manual as here on forum. But still have no clue what should be typed in?

Here is some info if is needed: Nas1 have 8Tb hdd,Nas2 have 4Tb hdd.The files are type of video media(between 1 and 10 gb. and some small .srt files).

What is your advice?


(Jakob Borg) #7

No. That warning is because you do not have a username and password set. It has nothing to do with HTTPS. Although once you do have a password, and you’re on an untrusted network, you should use HTTPS.

Leave those settings at their default until it becomes a problem.


#8

1.I did setup user/password - we are talking about login on Syncthing,right?! Untrusted network is my home network.As i said before “global discovery” is off-i dont use it. Maybe i should switch off local discovery too?! And use static ip addresses of both nas between eachother?!

2.OK! One funny question,how should i recognize the problem(symptoms)?


(Audrius Butkevicius) #9
  1. This is nothing todo with discovery, this is todo with not setting up username and password on syncthing.

  2. What are you trying to solve? What problem do you have. If you don’t have a problem, why are we even talking about this.


#10

Dear Mr. Audrius, I feel that we are both a bit lost…

1.Ok.If there is a set user-password,why i still get warning?

My apology for taking discovery into connection with warning message(thinking that have to do with it).

As Mr.Jakob Borg said: That warning is because you do not have a username and password set.Although once you do have a password, and you’re on an untrusted network, you should use HTTPS.(unfortunately here comes a sub question:how do i enable HTTPS? I do press on but at next opening of Syncthing that option stay unsaved even if i press save at bottom of window ).

At this point,i am trying to figure out that Syncthing see my local network as untrusted or should i see it beyond that?

Now i am asking my self,how the “hackers” can abuse this or it is irrelevant at all.On the and u are right with 2.

I am simply trying to get warning off the screen if is possible? I truly hope u are not irritated by all these question as my deepest respect for u all!


(Jakob Borg) #11

I don’t know. The “you’re going to get eaten by hackers” warning only triggers when there is no username or password. Perhaps open media stuff overrides the authentication somehow.


(Audrius Butkevicius) #12

Yeah, most likely open media something overrides settings so you can’t have them the way you want them.


#13

:sweat_smile: Thats the good one!!! :+1: Yes,Openmediavault is to me from beginning the usual suspect.

Finaly the last question:

How do i add existing folders on both nas devices?


(Audrius Butkevicius) #14

Read the getting started guide


#15

2018-05-09 21:27:45: Saving .stignore: open /volume1/video/Shared Video/TestSyncthing/.syncthing.tmp.242824049: permission denied

Can u tell me about this message,what does it mean?


(Audrius Butkevicius) #16

I am pretty sure if you google permission denied you will find the answer.


#17

Heh i already know what does it mean.

But i dont know where to look in Synology Os? Some threads on the forum say`s “just ignore its a bug” some not…

Im just lost.


(Audrius Butkevicius) #18

Well syncthing can’t write files, more like poor setup not a bug. Given synology setup is so custom, I think its best if you seek support on their forums, as we can’t be held responsible for them providing you with something that does not work, and I don’t feel like debugging every Synology bug you experience.


#19

Completely agree with u, at synology forum need to look for answer!!!