Synchthing + Yubikey NEO = very good security


I think it would be a great killer app if we could off-load the secret key onto the Yubikey NEO. This can be done by generating an ephemeral key given a user pin/password and storing it onto the NEO or by using the OpenPGP applet included in the device.

By doing so Synchthing wouldn’t need to store the key ever on the hard-drive / ram.

For info on the Yubikey NEO: you can check Yubico website, they have a github repository and website.

Regards, GuruMeditation.

The Yubikeys are nice. Question is though, what are you protecting against? At the core, syncthing syncs your files between computers, and the files are on disk. If an attacker can get at the key on your disk, they also already have your files.

Hello Calmh,

I understand your point and you are right :wink: