1SYNCTHING-SECURITY(7) Syncthing SYNCTHING-SECURITY(7)
2
3
4
6 syncthing-security - Security Principles
7
8 Security is one of the primary project goals. This means that it should
9 not be possible for an attacker to join a cluster uninvited, and it
10 should not be possible to extract private information from intercepted
11 traffic. Currently this is implemented as follows.
12
13 All device to device traffic is protected by TLS. To prevent uninvited
14 devices from joining a cluster, the certificate fingerprint of each de‐
15 vice is compared to a preset list of acceptable devices at connection
16 establishment. The fingerprint is computed as the SHA-256 hash of the
17 certificate and displayed in a human-friendly encoding, called Device
18 ID.
19
20 Incoming requests for file data are verified to the extent that the re‐
21 quested file name must exist in the local index and the global model.
22
23 For information about ensuring you are running the code you think you
24 are and for reporting security vulnerabilities, please see the official
25 security page <https://syncthing.net/security>.
26
28 Global Discovery
29 When global discovery is enabled, Syncthing sends an announcement every
30 30 minutes to the global discovery servers so that they can keep a map‐
31 ping between your device ID and external IP. The announcement contain
32 the device ID and listening port(s). Also, when connecting to other de‐
33 vices that have not been seen on the local network, a query is sent to
34 the global discovery servers containing the device ID of the requested
35 device. The connection to the discovery server is encrypted using TLS
36 and the discovery server certificate is verified, so the contents of
37 the query should be considered private between the device and the dis‐
38 covery server. The discovery servers are currently hosted by @calmh
39 <https://github.com/calmh>. Global discovery defaults to on.
40
41 When turned off, devices with dynamic addresses not on the local net‐
42 work cannot be found and connected to.
43
44 An eavesdropper on the Internet can deduce which machines are running
45 Syncthing with global discovery enabled, and what their device IDs are.
46
47 The operator of the discovery server can map arbitrary device addresses
48 to IP addresses, and deduce which devices are connected to each other.
49
50 If a different global discovery server is configured, no data is sent
51 to the default global discovery servers.
52
53 Local Discovery
54 When local discovery is enabled, Syncthing sends broadcast (IPv4) and
55 multicast (IPv6) packets to the local network every 30 seconds. The
56 packets contain the device ID and listening port. Local discovery de‐
57 faults to on.
58
59 An eavesdropper on the local network can deduce which machines are run‐
60 ning Syncthing with local discovery enabled, and what their device IDs
61 are.
62
63 When turned off, devices with dynamic addresses on the local network
64 cannot be found and connected to.
65
66 Upgrade Checks
67 When automatic upgrades are enabled, Syncthing checks for a new version
68 at startup and then once every twelve hours. This is by an HTTPS re‐
69 quest to the download site for releases, currently hosted by @calmh
70 <https://github.com/calmh>. Automatic upgrades default to on (unless
71 Syncthing was compiled with upgrades disabled).
72
73 Even when automatic upgrades are disabled in the configuration, an up‐
74 grade check as above is done when the GUI is loaded, in order to show
75 the “Upgrade to …” button when necessary. This can be disabled only by
76 compiling Syncthing with upgrades disabled.
77
78 The actual download, should an upgrade be available, is done from
79 GitHub, thus exposing the user to them.
80
81 The upgrade check (or download) requests do not contain any identifi‐
82 able information about the user or device.
83
84 Usage Reporting
85 When usage reporting is enabled, Syncthing reports usage data at
86 startup and then every 24 hours. The report is sent as an HTTPS POST to
87 the usage reporting server, currently hosted by @calmh
88 <https://github.com/calmh>. The contents of the usage report can be
89 seen behind the “Preview” link in settings. Usage reporting defaults to
90 off but the GUI will ask once about enabling it, shortly after the
91 first install.
92
93 The reported data is protected from eavesdroppers, but the connection
94 to the usage reporting server itself may expose the client as running
95 Syncthing.
96
97 Sync Connections (BEP)
98 Sync connections are attempted to all configured devices, when the ad‐
99 dress is possible to resolve. The sync connection is based on TLS 1.2
100 or TLS 1.3. The TLS certificates can be obtained by an eavesdropper,
101 although it is more difficult to do so in TLS 1.3. This means that the
102 contents of the certificate are visible, which includes certificate
103 Common Name (by default syncthing).
104
105 An eavesdropper can deduce that this is a Syncthing connection and un‐
106 der certain circumstances calculate the device IDs involved based on
107 the hashes of the sent certificates.
108
109 Likewise, if the sync port (default 22000) is accessible from the in‐
110 ternet, a port scanner may discover it, attempt a TLS negotiation and
111 thus obtain the device certificate. This provides the same information
112 as in the eavesdropper case.
113
114 Relay Connections
115 When relaying is enabled, Syncthing will look up the pool of public re‐
116 lays and establish a connection to one of them (the best, based on an
117 internal heuristic). The selected relay server will learn the connect‐
118 ing device’s device ID. Relay servers can be run by anyone in the gen‐
119 eral public. Relaying defaults to on. Syncthing can be configured to
120 disable relaying, or only use specific relays.
121
122 If a relay connections is required between two devices, the relay will
123 learn the other device’s device ID as well.
124
125 Any data exchanged between the two devices is encrypted as usual and
126 not subject to inspection by the relay.
127
128 Web GUI
129 If the web GUI is accessible, it exposes the device as running Sync‐
130 thing. The web GUI defaults to being reachable from the local host
131 only.
132
134 Parties doing surveillance on your network (whether that be corporate
135 IT, the NSA or someone else) will be able to see that you use Sync‐
136 thing, and your device IDs are OK to share anyway <https://docs.sync‐
137 thing.net/users/faq.html#should-i-keep-my-device-ids-secret>, but the
138 actual transmitted data is protected as well as we can. Knowing your
139 device ID can expose your IP address, using global discovery.
140
142 Anyone who can access the Syncthing TLS keys and config file on your
143 device can impersonate your device, connect to your peers, and then
144 have access to your synced files. Here are some general principles to
145 protect your files:
146
147 1. If a device of yours is lost, make sure to revoke its access from
148 your other devices.
149
150 2. If you’re syncing confidential data on an encrypted disk to guard
151 against device theft, put the Syncthing config folder on the same
152 encrypted disk to avoid leaking keys and metadata. Or, use whole
153 disk encryption.
154
156 The Syncthing Authors
157
159 2014-2019, The Syncthing Authors
160
161
162
163
164v1.22.2 Dec 29, 2022 SYNCTHING-SECURITY(7)