| That's not how Syncthing keys/IDs work. That device ID you have to send to someone is not nominally private; it is in fact explicitly the public key of a key pair. If you use the public discovery servers (which is the default), that key is sent there so people who'd want to connect to you can look up your IP address with it. https://docs.syncthing.net/users/security.html#global-discov... https://docs.syncthing.net/users/faq.html#should-i-keep-my-d... > Should I keep my device IDs secret? > No. The IDs are not sensitive. Given a device ID it’s possible to find the IP address for that device, if global discovery is enabled on it. Knowing the device ID doesn’t help you actually establish a connection to that device or get a list of files, etc. > For a connection to be established, both devices need to know about the other’s device ID. It’s not possible (in practice) to forge a device ID. (To forge a device ID you need to create a TLS certificate with that specific SHA-256 hash. If you can do that, you can spoof any TLS certificate. The world is your oyster!) |
Additionally, I don't necessarily want a key sitting out there that will let any random person who finds it a dynamic way to look up my current IP address. It's not the worst thing in the world, but it's definitely not something I'd publish publicly.