syncthing decrypt

Encrypted data on an untrusted Linux device can be accessed by another instance of syncthing with the known password connecting to the encrypted folder. In this case, as expected, the original timestamps are applied to the decrypted and synced files.

Or by accessing the encrypted data and using the command syncthing decrypt --to /path/to/decrypted/files/ --password xxxx /path/to/encrypted/folder/ In this case the timestamps are applied as the current time of the OS used to decrypt the folder.

Question: is there anyway the second method can access the original timestamps for each file?

1 Like

No, but syncthing decrypt could apply them, I guess I just didn’t implement that. You can try this:

1 Like

@calmh thanks for taking up this issue/idea.

I downloaded the github code (956c44c) and complied it, syncthing worked as normal but I got the same results with decrypt, so I suspect I stuffed it up and got the code for main instead of your PR.

Maybe I’ll wait for #8412 to merge into the next RC release.

1 Like

You can just download the binary built by CI from the pull request for testing. It’s a bit hard to find the files (called artifacts) but somewhere under Checks there should be appropriate binaries I believe.

1 Like

Got it, thanks @acolomb. Tested and it works! Thanks to @calmh for fast implementation.


The fix (#8412) didn’t make it into release 1.20.3, so I rolled my own binary from main (v1.20.4-dev.1.gabea3d75, Linux (64-bit Intel/AMD) and all is working again.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.