Great software - thanks so much!
I have a suggestion for the documentation: an example of how to sync in a highly secure environment through an ssh tunnel - e.g. the firewall doesn’t allow anything in or out except specific ports, and ssh is one of them. The given documentation had me setting up a relay for lack of understanding how it works. Upon inspection with netstat and observing logs, I figured it out. Here’s how it looks:
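```bash
#!/bin/bash
# Tunnel the Syncthing port (22000) over SSH in both directions.
# -L: local 127.0.0.1:22001 -> Syncthing on the remote machine (127.0.0.1:22000)
# -R: remote 127.0.0.1:22001 -> Syncthing on this machine (127.0.0.1:22000)
ssh -i ~/.crypt/mykey.pem \
    -L 127.0.0.1:22001:127.0.0.1:22000 \
    -R 127.0.0.1:22001:127.0.0.1:22000 \
    user@10.23.45.6
```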
Both machines have syncthing listening on 22000. This makes a tunnel so ssh listens on 22001 on each end and redirects to 22000 on the other. Be sure to allow port forwarding in ssh config! It doesn’t matter which side you run ssh on, but not both!
Then in syncthing you configure both ends like this:
- Remote Devices | Edit | Advanced | Addresses - change from “dynamic” to “tcp://127.0.0.1:22001”
- in Actions | Settings | Connections - no need for NAT traversal, discovery, or relays, although if they are configured it probably won’t stop it working.
If limiting bandwidth, be sure to go into Actions | Advanced and check the box “Limit Bandwidth In Lan”. Otherwise no limit is enforced.
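
Added example, not part of the original post: a check, in the spirit of the netstat inspection mentioned above, that the forwarded port 22001 is listening only on loopback on a given end (on the remote end, sshd's `GatewayPorts` setting can override the 127.0.0.1 bind address requested with `-R`). The function name and the sample `ss -H -ltn` lines are constructed for illustration.

```bash
#!/bin/bash
# Added example: verify that an SSH-forwarded port is bound to loopback only.
# Reads `ss -H -ltn` output on stdin (field 4 = local address:port).
# Exit status: 0 = loopback-only, 1 = also bound elsewhere, 2 = no listener.
check_tunnel_port() {
    local port="$1"
    awk -v port="$port" '
        {
            local_addr = $4
            n = split(local_addr, parts, ":")
            if (parts[n] != port) next          # not the port we care about
            # Everything before the final ":port" is the bind address.
            addr = substr(local_addr, 1, length(local_addr) - length(parts[n]) - 1)
            sub(/%.*/, "", addr)                # drop a "%iface" suffix if present
            if (addr == "127.0.0.1" || addr == "[::1]") {
                loopback++
            } else {
                exposed++
                print "exposed listener: " local_addr
            }
        }
        END {
            if (exposed) exit 1
            if (!loopback) exit 2
            exit 0
        }'
}

# Constructed sample input: tunnel port bound as intended.
SAMPLE_OK='LISTEN 0 128 127.0.0.1:22001 0.0.0.0:*
LISTEN 0 4096 *:22000 *:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Constructed sample input: tunnel port bound on all interfaces.
SAMPLE_EXPOSED='LISTEN 0 128 0.0.0.0:22001 0.0.0.0:*
LISTEN 0 4096 *:22000 *:*'

for sample in "$SAMPLE_OK" "$SAMPLE_EXPOSED"; do
    printf '%s\n' "$sample" | check_tunnel_port 22001
    echo "exit status: $?"
done

# Real use, on each end while the tunnel is up:
#   ss -H -ltn | check_tunnel_port 22001 && echo "22001 is loopback-only"
```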