I have 2 devices running Syncthing on the same local network. Usually I can just click on “Add Remote Device” and the remote device’s ID is already available for me to select and get things working. This time around though, nothing appeared.
Using the QR code worked, but noticed on the confirmation prompt that the IP of the remote device was not the expected local IP (192.168.x.x), but the public address. In settings > connections I disabled everything but “local discovery” on both devices, but still.
How can I fix this situation? Obviously I’d like to use the local network, not the internet. On a side note, is it safe to use this method to send files or do I need to enable encryption somewhere?
For context, I’ve used these two devices before many times but I re-install the OS somewhat regularly on my computer. Currently, my computer is running OpenSUSE Tumbleweed and the other device is an Android tablet.
I suppose you need the versions as well. On my computer:
Which device didn’t appear via its private IP address?
Syncthing always encrypts communications end-to-end, so it’s a matter of personal preference as to if it’s enough (e.g., some users on this forum prefer to tunnel connections through a VPN).
Depending on which device it was and how the network setup is, it might not necessarily be syncing across the internet (with the exception of the optional global discovery handshakes and telemetry).
Reinstalling isn’t usually a problem, but does require a little more care, plus it also means that your network configuration might not be exactly the same between OS re-installs (which is what I suspect might be the root cause).
It’s very easy to back up Syncthing’s configuration to save time and hassles (on Linux it would be under ~/.config/syncthing).
Thanks, version numbers are always helpful.
If you could also post screenshots of Syncthing’s GUI on the desktop and tablet with the device details visible (feel free to redact some info, but try to leave as much network info visible as possible since that’s the core issue being looked at).
Any additional info about how the network is configured would also be helpful.
NOTE: This IP address is actually different than the one I originally saw earlier. I tried to shutdown Syncthing and run it again from the terminal to see if there was any output and there was. This IP matches one of the messages:
[OCR7M] 2023/03/24 00:47:33 INFO: Joined relay relay://126.96.36.199:443
The device ID is the tablet though, so I accepted the connection this time around. I haven’t yet been able to share any files but I can update this tomorrow (it’s a little late for me right now), with screenshots from my tablet as well if you need to.
Is this new? I used Syncthing with these devices just last month (I was using different OS back then, so I agree this is probably the real cause).
Although I doubt Android is the issue, my tablet is still on Android 9 since I never connect to the internet with it I just use it for reading books.
Thank you both for the help I will check in again tomorrow and update things.
As things are right now, you need to run Syncthing as root if you want local discovery to work on Android. The other way is to leave global discovery enabled. Alternatively, you can simply hard-code IP addresses or hostnames.
That’s interesting, normally I just run it from the applications menu but I think I can work with that as well, I will try it later.
So, just to reiterate, using global discovery is safe to use in terms of privacy/security right? I just want to be sure because I saw some settings about encryption when I was trying to fix this by myself, and of course I thought this was handled automatically.
ALL communication between ALL Syncthing instances is ALWAYS encrypted. There are no settings to disable this. In my opinion, global discovery and relaying is safe.
You might have seen something related to “Untrusted (Encrypted Devices)”. That is encryption “on another level” and with another purpose. It is useful in for example this situation: You have a friend which you trust enough that he will not delete your data, but you want your files which are shared with him to be encrypted.