I already have my KeePassXC and Syncthing setup on my phone and computers and it’s great. I’d like to go a step further and have my password database sync when I’m not on my home network. From my understanding I can use relays set up by other users and they are encrypted, but if I do not trust syncing personal (encrypted) data to someone else’s server, how easy is it to set up a relay that only I use? I won’t be using Bitwarden because in theory if I can pull this off I can also use Syncthing to sync other files as well. Is setting up a personal relay a lot of work or a potential security risk for my home network?
If you can create a port forward in your router and run stuff at your house, what’s the point of a relay then? Just expose the ports that Syncthing uses and configure your client to connect to it using your dynamic DNS. No public or private relays are required.
- Port forward the following in your router to the local Syncthing host; any client will be able to connect to it directly:
  - Port 22000/TCP: TCP based sync protocol traffic
  - Port 22000/UDP: QUIC based sync protocol traffic
- Go into the client and edit the home device. Set it to connect using the dynamic DNS directly:
For extra security you may change the Syncthing port, or run the entire thing over a WireGuard VPN like I also do.
Note that even without the VPN, all traffic is TLS protected.
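
A check for the setup described in the answer above, added here as an example and not part of the original posts: it reads a Syncthing `config.xml` and lists every setting that would still let a client fall back to discovery or relays instead of the fixed dynamic DNS address. The sample config, device IDs and the hostname `home.example.net` are constructed placeholders, and the script assumes the option elements are present in the file.

```python
import xml.etree.ElementTree as ET

# Constructed sample config.xml; device IDs and hostname are placeholders.
SAMPLE_CONFIG = """\
<configuration>
  <device id="HOME-ID-PLACEHOLDER" name="home">
    <address>tcp://home.example.net:22000</address>
    <address>quic://home.example.net:22000</address>
  </device>
  <device id="LAPTOP-ID-PLACEHOLDER" name="laptop">
    <address>dynamic</address>
  </device>
  <options>
    <listenAddress>tcp://0.0.0.0:22000</listenAddress>
    <listenAddress>dynamic+https://relays.syncthing.net/endpoint</listenAddress>
    <relaysEnabled>true</relaysEnabled>
    <globalAnnounceEnabled>false</globalAnnounceEnabled>
  </options>
</configuration>
"""

DIRECT_SCHEMES = ("tcp://", "tcp4://", "tcp6://", "quic://", "quic4://", "quic6://")


def audit(config_xml, local_id=None):
    """Return findings for settings that are not 'fixed direct address only'."""
    root = ET.fromstring(config_xml)
    findings = []
    for dev in root.findall("device"):
        if dev.get("id") == local_id:
            continue  # config.xml also lists the local device itself
        name = dev.get("name") or dev.get("id")
        for node in dev.findall("address"):
            addr = (node.text or "").strip()
            if not addr.startswith(DIRECT_SCHEMES):
                findings.append(f"device {name}: address '{addr}' is not a fixed direct address")
    for opts in root.findall("options"):
        for key in ("relaysEnabled", "globalAnnounceEnabled"):
            if (opts.findtext(key) or "").strip().lower() == "true":
                findings.append(f"options: {key} is true")
        for node in opts.findall("listenAddress"):
            addr = (node.text or "").strip()
            if addr.startswith(("relay://", "dynamic+")):
                findings.append(f"options: relay listener '{addr}'")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

An empty result means every remote device is pinned to a direct `tcp://` or `quic://` address and neither relaying nor global discovery is enabled.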