1SYNCTHING-SECURITY(7)              Syncthing             SYNCTHING-SECURITY(7)
2
3
4

NAME

6       syncthing-security - Security Principles
7
8       Security is one of the primary project goals. This means that it should
9       not be possible for an attacker to join a  cluster  uninvited,  and  it
10       should  not be possible to extract private information from intercepted
11       traffic. Currently this is implemented as follows.
12
13       All device to device traffic is protected by TLS. To prevent  uninvited
14       devices from joining a cluster, the certificate fingerprint of each de‐
15       vice is compared to a preset list of acceptable devices  at  connection
16       establishment.  The  fingerprint is computed as the SHA-256 hash of the
17       certificate and displayed in a human-friendly encoding,  called  Device
18       ID.
19
20       Incoming requests for file data are verified to the extent that the re‐
21       quested file name must exist in the local index and the global model.
22
23       For information about ensuring you are running the code you  think  you
24       are and for reporting security vulnerabilities, please see the official
25       security page <https://syncthing.net/security>.
26

INFORMATION LEAKAGE

28   Global Discovery
29       When global discovery is enabled, Syncthing sends an announcement every
30       30 minutes to the global discovery servers so that they can keep a map‐
31       ping between your device ID and external IP. The  announcement  contain
32       the device ID and listening port(s). Also, when connecting to other de‐
33       vices that have not been seen on the local network, a query is sent  to
34       the  global discovery servers containing the device ID of the requested
35       device. The connection to the discovery server is encrypted  using  TLS
36       and  the  discovery  server certificate is verified, so the contents of
37       the query should be considered private between the device and the  dis‐
38       covery  server.  The  discovery  servers are currently hosted by @calmh
39       <https://github.com/calmh>. Global discovery defaults to on.
40
41       When turned off, devices with dynamic addresses not on the  local  net‐
42       work cannot be found and connected to.
43
44       An  eavesdropper  on the Internet can deduce which machines are running
45       Syncthing with global discovery enabled, and what their device IDs are.
46
47       The operator of the discovery server can map arbitrary device addresses
48       to IP addresses, and deduce which devices are connected to each other.
49
50       If  a  different global discovery server is configured, no data is sent
51       to the default global discovery servers.
52
53   Local Discovery
54       When local discovery is enabled, Syncthing sends broadcast  (IPv4)  and
55       multicast  (IPv6)  packets  to  the local network every 30 seconds. The
56       packets contain the device ID and listening port. Local  discovery  de‐
57       faults to on.
58
59       An eavesdropper on the local network can deduce which machines are run‐
60       ning Syncthing with local discovery enabled, and what their device  IDs
61       are.
62
63       When  turned  off,  devices with dynamic addresses on the local network
64       cannot be found and connected to.
65
66   Upgrade Checks
67       When automatic upgrades are enabled, Syncthing checks for a new version
68       at  startup  and  then once every twelve hours. This is by an HTTPS re‐
69       quest to the download site for releases,  currently  hosted  by  @calmh
70       <https://github.com/calmh>.   Automatic  upgrades default to on (unless
71       Syncthing was compiled with upgrades disabled).
72
73       Even when automatic upgrades are disabled in the configuration, an  up‐
74       grade  check  as above is done when the GUI is loaded, in order to show
75       the “Upgrade to …” button when necessary. This can be disabled only  by
76       compiling Syncthing with upgrades disabled.
77
78       The  actual  download,  should  an  upgrade  be available, is done from
79       GitHub, thus exposing the user to them.
80
81       The upgrade check (or download) requests do not contain  any  identifi‐
82       able information about the user or device.
83
84   Usage Reporting
85       When  usage  reporting  is  enabled,  Syncthing  reports  usage data at
86       startup and then every 24 hours. The report is sent as an HTTPS POST to
87       the    usage    reporting    server,   currently   hosted   by   @calmh
88       <https://github.com/calmh>. The contents of the  usage  report  can  be
89       seen behind the “Preview” link in settings. Usage reporting defaults to
90       off but the GUI will ask once about  enabling  it,  shortly  after  the
91       first install.
92
93       The  reported  data is protected from eavesdroppers, but the connection
94       to the usage reporting server itself may expose the client  as  running
95       Syncthing.
96
97   Sync Connections (BEP)
98       Sync  connections are attempted to all configured devices, when the ad‐
99       dress is possible to resolve. The sync connection is based on  TLS  1.2
100       or  TLS  1.3.  The TLS certificates can be obtained by an eavesdropper,
101       although it is more difficult to do so in TLS 1.3. This means that  the
102       contents  of  the  certificate  are visible, which includes certificate
103       Common Name (by default syncthing).
104
105       An eavesdropper can deduce that this is a Syncthing connection and  un‐
106       der  certain  circumstances  calculate the device IDs involved based on
107       the hashes of the sent certificates.
108
109       Likewise, if the sync port (default 22000) is accessible from  the  in‐
110       ternet,  a  port scanner may discover it, attempt a TLS negotiation and
111       thus obtain the device certificate. This provides the same  information
112       as in the eavesdropper case.
113
114   Relay Connections
115       When relaying is enabled, Syncthing will look up the pool of public re‐
116       lays and establish a connection to one of them (the best, based  on  an
117       internal  heuristic). The selected relay server will learn the connect‐
118       ing device’s device ID. Relay servers can be run by anyone in the  gen‐
119       eral  public.   Relaying defaults to on. Syncthing can be configured to
120       disable relaying, or only use specific relays.
121
122       If a relay connections is required between two devices, the relay  will
123       learn the other device’s device ID as well.
124
125       Any  data  exchanged  between the two devices is encrypted as usual and
126       not subject to inspection by the relay.
127
128   Web GUI
129       If the web GUI is accessible, it exposes the device  as  running  Sync‐
130       thing.  The  web  GUI  defaults  to being reachable from the local host
131       only.
132

IN SHORT

134       Parties doing surveillance on your network (whether that  be  corporate
135       IT,  the  NSA  or  someone else) will be able to see that you use Sync‐
136       thing, and your device IDs are OK to share  anyway  <https://docs.sync
137       thing.net/users/faq.html#should-i-keep-my-device-ids-secret>,  but  the
138       actual transmitted data is protected as well as we  can.  Knowing  your
139       device ID can expose your IP address, using global discovery.
140

PROTECTING YOUR SYNCTHING KEYS AND IDENTITY

142       Anyone  who  can  access the Syncthing TLS keys and config file on your
143       device can impersonate your device, connect to  your  peers,  and  then
144       have  access  to your synced files. Here are some general principles to
145       protect your files:
146
147       1. If a device of yours is lost, make sure to revoke  its  access  from
148          your other devices.
149
150       2. If  you’re  syncing  confidential data on an encrypted disk to guard
151          against device theft, put the Syncthing config folder  on  the  same
152          encrypted  disk  to  avoid  leaking keys and metadata. Or, use whole
153          disk encryption.
154

AUTHOR

156       The Syncthing Authors
157
159       2014-2019, The Syncthing Authors
160
161
162
163
164v1.20.0                          May 08, 2022            SYNCTHING-SECURITY(7)
Impressum