Using Syncthing with Proton VPN

How would this work? I want to sync files from my Linux machine to my iOS device (Mobius syncthing front end) but I’ll be using a VPN on both devices. Wifi isn’t an option (long distance remote sync)

What are my options here?

You don’t need a VPN to connect syncthing instances over WAN if that’s what you’re implying here.

Here it’s said relays have a rate limit:

“Relays will have rate limits of 50-100kb/s, so unless you are in Antarctica, thats not a better solution.”

And from my understanding opening a port for WAN is not secure. I am not using a VPN because of syncthing btw, I am using a VPN for privacy reasons in general with or without Syncthing (protonvpn also has a great adblocker and geofence bypasser) I’m wondering how to connect to Syncthing securely with protonvpn

That’s quite an old quote though. I doubt that it’s strictly 50-100Kb/s, but the speeds when using relays can vary wildly - that’s certain.

Otherwise you’ll have to make sure, in some way, that device A can reach B on a certain port or visa versa. Pretty sure that ProtonVPN does offer some port-forwarding, just no idea if that’s a workable solution for Syncthing as that port is random on the side of Proton I think. As of the security-implication for opening a port, that’s limited. As long as the service listening on said port handles everything correctly and doesn’t contain a (known) security-flaw, it should be fine really.

Otherwise I doubt there’s an alternative other than using relays (which can work fine, just test it out I’d say).

And, I have to point at it…VPN for privacy reasons, unless everything you do online is anonymised (e.g. never using personalised accounts) - it has very little effect.

1 Like

It’s as secure as the software that is listening on said port. The easiest way would be to configure a port forwarding for your Linux host.

I’m also with @er-pa on this one. Paid VPN providers are nice for filesharing and to avoid geoblocking. It doesn’t really improve privacy or security.

1 Like

I see @er-pa thank you both for your contributions.

How would port forwarding work with a vpn shared with numerous other people connected to the same server? Could they somehow access my files through some theoretical exploit? If so, how?

I don’t know anything about Proton VPN specifically. So, I’m not sure if you can combine two similar products. Normally the answer is no.

I pay Google for cloud storage and they include with that their basic VPN software that I run on my cell phone and on windows. Running the VPN does not interfere at all with the tunneling software.

Setting security, and everything else aside, except for having an app that can facilitate synchronization over the Internet. I use a product/technology that is free for everyone to use.

It’s called Meshnet. The software does come with a VPN that would compete with your proton VPN only you don’t have to buy it or use it.

The software has a feature that allows you to create an encrypted tunnel over the Internet that makes it look as though you have a private local area network over the Internet.

No modifications needed to routers. No port forwarding.

Each person must sign up for their own free account. Then, each of you can share a computer with any number of other people in your group. Actually there is a limited number it’s I think somewhere around fifty. You’re not granting anybody access to your home network just the syncthing server.

Once it’s all set up, everybody will have their own unique IP address that is on a private tunnel between all of the Syncthing servers.

Think of it as a high tech version of tunneling over SSH without needing to do any port forwarding.

Right now your PC has an IP address given to it by its local DHCP server and a second IP address given to it by the VPN company. This will be a third ip address that is specific to syncthing.

You’ll use the ip address provided by Meshnet for syncthing. When you’re using software programs or browsing Internet you’ll be using the IP address associated with your Proton VPN. The only program that knows about the existence of the tunneled IP address is the syncthing server software.

I have a syncthing server that is always running at home and I also have one running on my Android cell phone.

I can be anywhere, connected to any part of the Internet at whatever speed I have available to me and the syncthing software for Android will have the IP address associated with my machine at home.

I don’t leave syncthing running 24/7 on my cell phone I only turn it on when I need it and within seconds it can find my server at home and begin synchronizing pictures and other files on my phone.

The software runs on pretty much everything. Windows, Linux, Mac OS, Iphone, Android, router.

I have a friend and colleague that is a mac user. I have never used a Mac but we both use the same software and so our syncthing servers can easily talk to one another.

There is one risk. It’s not open source. it’s a free giveaway so it can always go away at anytime.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.