Untrusted device + password - files in plain text still

I installed Syncthing on a VPS, set it up, added my laptop to it, and vice versa, with a password. from the both sides. Nonetheless, on a server all the files in a shared directory have been syncronised as they are, without any encryption. I’m able to view their content on a server in plain text.

What’s the matter?


upd #1

On untrusted devices, you need to set the folder type to “Receive Encrypted”.

Meaning: on both sides? Or on the side of an untrusted device only?

On the untrusted side. Having the password available makes it not untrusted, so it will decrypt the files as they come in.

1 Like

But then a directory will have to be maked as “receive uncryptoed” on each side and device too, otherwise Syncthing won’t syncronize them. I initially marked it as such on one device but it’d then complain about this on the other side.

What’s the point of a password then?

What I want is make all the files encrypted on one side only - a VPS server. Because it’s always online, I then won’t have to go online from 2 other devices symultaneously.

I had the opposite reaction to your post: Regardless of what you do or don’t understand about Syncthing’s workings, why would you ever enter a password/secret on an untrusted device? Telling a secret to an untrusted agent is never a reasonable thing to do.

Yes on the untrusted side, the folder has to be receive-encrypted. Because the untrusted device should receive only encrypted data. The other side then either needs to know the password (and be any of send-receive, send-only or receive only, though the last is unlikely to be desired) or be receive-encrypted/untrusted too.


I’d done this initially. But it’d then cause an error, something that had to do with encryption or wrong settings of a directory.

I’ve re-done it and now it works as it should.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.