[v1.18.1] Started afresh trusted>untrusted, unexpected items


I’ve started afresh on Syncthing v1.18.1 release with the following setup.

DATA FLOW INTENTION: deviceA =====> (encryption by Syncthing) ====> deviceB

device B got a new SSD a few days ago and therefore everything set-up afresh. Even on device A, the shared-to-encrypt folder did not exist before, I’m first-time using this feature on both sides. After 3 days of initial syncing and getting to “up2date” state on both devices, some files on device A changed (not very much change in data amount). Today, I’ve found deviceB unexpectedly “out of sync”. The device was just sitting there, 24/7 connected, and was expected to follow device A. I have only debian 10 + syncthing on device B and no SMB shares/etc. so I’m 100% sure, no one changed any file in the receive encrypted device B file system meanwhilst.

Which logs do you need to troubleshoot this further. My feeling is some bug might have hit me over.


  • Debian 10.9 amd64 with Syncthing
  • folder “cf_so_pool0”, sendOnly, sharedWith deviceB using encryption pw. image image


  • Debian 10.10 amd64 with Syncthing
  • folder “cf_ro_pool0”, receiveEncrypted, sharedWith deviceA. image image

deviceB’s log (what hit my eyes that could be an error):

2021-08-09 05:04:31 Device 5B65DNN-XXX client is "syncthing v1.18.1" named "cf_deviceA" at XXXX/tcp-client/TLS1.3-TLS_CHACHA20_POLY1305_SHA256
2021-08-09 05:04:32 Device 5B65DNN folder "cf_ro_pool0" (9jbn4-6ctbo) is delta index compatible, but seems out of sync with reality

This message repeats every 24 hours when my DSL line reconnects.

Thanks for your help.

Kind regards, Catfriend1

Are the two items that are out of sync anything special? Would you be able to determine which files on deviceA they actually correspond to?

I don’t see anything special about them… is there a way (because of the concept securing data if sending encrypted) in the design to match the encrypted filename somehow to the original source path/file combination manually? I thought that wouldn’t be possible easily or at all.

Well, normally it would be difficult, but you mentioned that

so those newly changed files would be the first suspect.

Right, I still don’t see anything suspicious. I’m syncing “slowly” changing data,e.g. deleted or added files. No databases, no git or the like. Let’s say 10 files per day. text notes, pictures mainly. all this worked flawlessly for two years now when I didn’t use the new feature.

Another question if info is sufficient to tell: Is it “riskless” to press the delete unexpected items button or might it result in my encrypted copy being not the same as the original when I need it later.

If the two unexpected files look like encrypted files, then you could find out what actual files they are using syncthing decrypt. You can copy just those two files (including their parent dirs) to another directory and run syncthing decrypt on it, which then gives you the plain filenames which should be a better start to try and figure out how they ended up that way.

1 Like

Ok I’ll do that and report back.

  • 1.syncthing-enc/93/HOL7AMT9VDFHI9A0346NG35LRMIKSC1V02NPS372U2CPDUORRPKS4GPB21QOGVUPRFTKAEHSQUFLFS6BUIH4KC7U10C29O6CD0TI84V1CEVULUJ84D02AA334A61EV5H0.sync-conflict-20210809-231038-|1,55 KiB

  • F.syncthing-enc/VB/Q69JV7B9BF1TFM8HFADU42MTB47QMMPKP3C4K8JD590J7EAFI2HFH9HGHUQK476JNQF3Q27RBP5OKRGUK12FJGLFP29RVHPKG0NN6PPP62NQ623RF7K4OEN6I4DPRH0.sync-conflict-20210809-231039-|8,69 KiB

To document what I did, in case anyone else likes to go the same way through later:


mkdir -p /tmp/ext/1.syncthing-enc/93/
cp /srv/syncthing/cf_ro_pool0/1.syncthing-enc/93/HOL7AMT9VDFHI9A0346NG35LRMIKSC1V02NPS372U2CPDUORRPKS4GPB21QOGVUPRFTKAEHSQUFLFS6BUIH4KC7U10C29O6CD0TI84V1CEVULUJ84D02AA334A61EV5H0.sync-conflict-20210809-231038- /tmp/ext/1.syncthing-enc/93
mkdir -p /tmp/ext/F.syncthing-enc/VB/
cp /srv/syncthing/cf_ro_pool0/F.syncthing-enc/VB/Q69JV7B9BF1TFM8HFADU42MTB47QMMPKP3C4K8JD590J7EAFI2HFH9HGHUQK476JNQF3Q27RBP5OKRGUK12FJGLFP29RVHPKG0NN6PPP62NQ623RF7K4OEN6I4DPRH0.sync-conflict-20210809-231039- /tmp/ext/F.syncthing-enc/VB/


mkdir -p /tmp/decrypted/
syncthing decrypt /tmp/ext/ --to /tmp/decrypted/ --folder-id "9jbn4-6ctbo"
## Got no output, I assume the decryption was successful.

@imsodin The items in question belong to my work time tracker tool which writes a backup of my work start / stop times I’ve logged once a day to the given folder on device A.

find /tmp/decrypted/

It’s interesting that the “unexpected items error” persists. Because I’ve now tried to re-export my work times and then hit the rescan button (to grab the updated file) on device A. I expected device B to pull the updated file “receiveEncrypted” from device A. This is what happened.

device A:

device B:

… so the two changed files came correctly from device A to device B under another filename (not the same as in the error). I *** feel *** it would be safe to hit the “delete unexpected” button. Do you agree or do you want more info (maybe file descriptor dumps from the database)?


I’d also expect it to be safe. Would be nice to know how these files got there, but then again I don’t have any theory to check and not really the time/inclination to go digging in the dark. We can have a closer look if it happens again.

1 Like

I’m testing migration into full encrypted folders on a new device, quite similar to your setup: deviceA <–> Encrypted Folders <–> deviceB, except all folders are Send&Receive.

First attempt didn’t go well simply changing deviceA and deviceB settings via Syncthing Web UI (almost at the same time) by unmarking folders on the “old” and marking on the “new” syncthing device resulted in deviceA never finish syncing and “unexpected items” everywhere. So decided to scrap it.

Second attempt added deviceA and waited for a full sync, but when added deviceB still had quite a few “unexpected items” so decided to scrap it again.

Third attempt added deviceA to a fresh install and let it sync 100%, deleted all folders on deviceB’s disk before adding it and received everything fresh from deviceA. This worked better and got no “unexpected items”, but still have one .DS_Store delete stuck on the encrypted side (long story :rofl:).

Noticed twice WhatsApp Database (backup) two files as “unexpected items” but that self-healed. Files msgstore.db.crypt14 (latest) and msgstore-YYYY-MM-DD.1.db.crypt14 (from “yesterday”, renamed from msgstore.db.crypt14).

I could also try to troubleshoot further if it helps.

1 Like

I’ve hit the red button to delete the unexpected files which solved my problem. I’m fine with that :-).

One new unexpected item came up out of the blue. I swear, I didn’t touch the receiveEncrypted (device B) node and it only runs Syncthing.


Because the bug seems to be coming back, how about enabling debug logging on the remote device to find the actual culprit?

I would clear the current logfile (if there is any), then run Syncthing using STTRACE=db,model syncthing -logfile=<path-to-logfile> and wait for the bug to affect yet more files :wink:.

1 Like

Let’s do it :slight_smile: , will setup the trace&log shortly.

Inspired by this thread, I set up a few receive encrypted folders myself, using my real folders that I rely on on a daily basis.

After two days or so, the result is unfortunately this:

This is between two Windows 10 devices, and the folders were added and downloaded on the receiving side from scratch. I have no idea what might have caused those “locally changed items”. I plan to to do more testing though, this time with debug logging enabled.

Also, this is likely a different issue, but as I was trying to remove the receive encrypted folders on the remote device using the Web GUI, I kept getting these errors:

The folders themselves were still removed correctly, but I did have to refresh the GUI in the browser after each removal to get it back to work again.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.