Many tools and services are available for synchronizing data among various devices. Users who want to trust their data to the cloud can use services such as Google Drive, Dropbox, and Copy.com. An alternative here is BitTorrent Sync [1], which is a distributed peer-to-peer system based on the BitTorrent Sync protocol. This software, however, is not open source, just freeware. Thus, it is never clear what the program does. Syncthing, on the other hand, offers a secure alternative; it is open source and comes with a Mozilla Public license.
Syncthing uses the open source Block Exchange Protocol (BEP) [3] for synchronization. The data exchange among the individual nodes is typically TLS encrypted including Perfect Forward Secrecy (PFS). The nodes identify themselves to each other with cryptographic certificates, which Syncthing creates when it is installed on a platform. Encryption can be turned off for synchronization on a local network. This option speeds up the data throughput. In the basic setting, the program restricts encryption to metadata only. Written in the Go programming language, Syncthing has all of the required features for keeping your data secure.
This relatively new software runs on Linux, Mac OS X, Windows, Solaris, various BSD versions, and also on the Raspberry Pi. A Sync app is available for Android, and the developers are working on a version for iOS. Listing 1 contains commands for adding the repository to Ubuntu and installing Syncthing. For testing, we also installed Syncthing on an openSUSE box to have something to sync with. For the curious, Syncthing is a default package in openSUSE Tumbleweed, and all you need to do is:
Listing 1
Installing on Ubuntu
$ sudo add-apt-repository ppa:ytvwld/syncthing $ sudo apt-get update && sudo apt-get install syncthing
# zypper install syncthing
Syncthing can synchronize data on the local network and on remote computers. Like BitTorrent Sync, the software is based on UPNP. This design feature helps make synchronization easy even outside of the local network. It may be necessary to enable UPNP on your router, but routers come with UPNP already enabled. If your router does not have this set of protocols available, then it is a good idea to manually install port forwarding.
You will need to forward port 22 000/TCP to the desired target host. If the computer is located behind a fire wall, then you should activate ports 22 000/TCP and 21 025/UDP.
Once it's installed, you can start the software from the command line with
syncthing &
Figure 1 shows the output you should get. This also opens a web interface in your browser. You should make sure that the software has been installed and is started on all of the devices you want to synchronize. The software will create a key and certificate when it first starts on a device. This step can take several minutes, but it will guarantee secure exchanges.
The settings for language are found in the bar that sits above on the interface. Next to this bar, you will find a fold-out menu, Actions , where you can configure additional settings (Figure 2). For example, you can choose to restrict synchronization to the local network, or you can indicate that devices should be accessible for synchronization via the Internet. If you decide to limit data synchronization to the LAN, then you should remove the checkmark next to the option Global device search (Figure 3). The same goes for a router that does not support UPNP. To be able to identify the devices, you can use the device names option to assign them unique names.
The limit data rate option gives you the possibility of setting a maximum data throughput rate if this is necessary or desired. Modern hardware should make such a limit unnecessary. You may need users to provide a user name and secure password for access to the user interface. This is done by setting a checkmark at the entry Use HTTPS for GUI , which ensures a secure connection. When activated, the anonymous utilization report causes information to be sent anonymously to the project. This tool provides the developers with insights about user behavior, which they can then use in making modifications to the software. Additional information about this feature is available via the link following the option.
When you are done configuring, Syncthing will offer to restart. This step will take some time because a new certificate for HTTPS will also be generated. You will find further details on the entire configuration process including generation of keys in the ~/.config/syncthing/ directory.
After you have configured this dialog on all of the participating nodes, it is time to let the devices become acquainted with one another. This is accomplished using the information in the 46-digit device ID generated by the certificate. This information is found in the menu subentry show ID (Figure 4).
Now you can distribute the ID to the corresponding devices in the form of a text file loaded onto a USB stick, by email, or via a web service such as Dropbox. Via add device , you should enter the ID and the device name (Figure 5).
You should first enter the device name Syncthing will read out the ID automatically and ask whether you accept the device. You can then specify via the distribution device option whether all of the nodes registered with the distribution system should also be registered on the new device. The ID and the unique device name make it possible to keep data synchronized and also share content with colleagues and friends.
The software always creates a Sync/ folder in the home directory of each device when it first starts. It then automatically synchronizes any content found in this folder. When large amounts of data are involved, it makes sense to make other folders available (Figure 6). After clicking on add directory you should register a unique label for the folder in the mask via directory ID and then navigate to the target directory. The directory needs to be installed on all of the computers and the ID must be identical. Each target folder can then be given a different name.
The option to refuse changes should be considered when selecting additional settings. A checkmark in front of this option secures the data in the directory from any modifications that might come from other nodes. However, any data modifications made directly on the device will be distributed by Syncthing to the remainder of the network. For example, when a file from a protected directory is deleted, it will be deleted from each device in the network.
It is important to be conservative in using the search interval option on underpowered hardware. Otherwise, you might overtax your machine. If this happens, you will can use check all . This option lets you select all directories via mouse click, and if necessary also start an automatic synchronization.
The file versioning menu entry (Figure 7) offers various modes for keeping version backups of changed data. The most basic case is one in which you switch off the function or use a simple versioning for keeping a predetermined number of copies of deleted or modified files in a hidden directory .stversions/ . By comparison, the step-by-step versioning is oriented toward the expiration date of the copy. In external versioning, an external command is used to start the process.
The ignore permissions option is only needed when the directory that has been added is sitting in a FAT partition. Via share with these devices you can select the devices which are to be synchronized with this directory. Via Ignore pattern , you can exclude entire subdirectories from the synchronization process.
You will need to arrange for Syncthing to automatically load when a device starts. This is true for all of the distributions that use systemd and therefore also for Ubuntu and openSUSE. To do this, create a service file with the content from Listing 2 and name it syncthing.service . Next, create the directory ~/.config/systemd/user and move the file into the directory.
Listing 2
syncthing.service
[Unit] Description=Syncthing - Open Source Continuous File Synchronization Documentation=http://docs.syncthing.net/ After=network.target [Service] Environment=STNORESTART=yes ExecStart=/usr/bin/syncthing -no-browser -logflags=0 Restart=on-failure SuccessExitStatus=2 3 4 RestartForceExitStatus=3 4 [Install] WantedBy=default.target
After this step, you should enter the first two lines from Listing 3 as a normal user. Once the computer is restarted, Syncthing should automatically start. If this does not work, then the command from line 3 in Listing 3 should help locate the error.
Listing 3
Checking Status
$ systemctl --user enable syncthing.service $ systemctl --user start syncthing.service $ systemctl -l status syncthing.service
The basic settings for the Syncthing Android app [4] make a folder available in which the camera function of a smartphone or tablet can place photos (Figure 8). It also allows connection to other directories. The configuration is performed similarly to the PC version.
Additionally, you should specify whether synchronization can proceed via WiFi or only via a cable connection. The developers still need to do some work on the energy administration of the app. When it ran continuously during testing, the smartphone used became relatively warm, and the energy consumption rose significantly. Thus, it is a good idea to set the daemon to run in the background and start Syncthing only when the app is needed.
The open source software Syncthing is constantly under development. Once a week on Sunday, updates for the various platforms get released. In our series of tests of Version 0.11.21, synchronization worked perfectly.
The daemon has to be restarted after each modification to the configuration, and it takes up to one minute before all of the devices have been located again. This, however, is because of the P2P concept. If the web interface again warns of a restart after modifying the configuration, you should close the application and restart it. The data rate for synchronization is not exactly overwhelming on the Rasp Pi 2. The Syncthing developers should try to make this much better. For example, a program like BitTorrent Sync shows much better results. For now, however, it is probably not a good idea to try and use Syncthing on a first-generation Raspberry Pi.
The start instructions are helpful. They address installation and much more [5]. Additionally, the project offers additional documentation [6] and an extensive FAQ [7] as well as explanations about the network settings that need to be made on the router and the firewall [8].
Syncthing supports numerous platforms and is suitable for home data synchronization and for the exchange of data among colleagues and friends. Configuration is straightforward and synchronization works perfectly. Thus, it is easy to look past some minor issues that are still present in the software. Altogether, Syncthing is highly recommendable, especially as an open source alternative to proprietary programs and the ever-present data privacy concerns that come with use of the cloud.
Infos