Syncthing + Tailscale. I have it set to only accept syncs from the tailscale addresses. I use this to do voice recordings that fairly quickly sync home for records of conversations.
I'm unclear if Syncthing inherently encrypts transfers, but layering it within Tailscale would add that. No?
> All device to device traffic is protected by TLS. To prevent uninvited devices from joining a cluster, the certificate fingerprint of each device is compared to a preset list of acceptable devices at connection establishment.
So yeah, transport is encrypted. I do believe they need to put that fact front and center, though. It took me a few minutes to find out. (Thanks for making me find out, though! I use Syncthing heavily and it never occurred to me to even question this.)
Thanks for finding that. I had the impression syncthing was focused on efficiency only, and not necessarily privacy/encryption. I had the impression a synced copy would be rebuilt from several sources at once, over the syncthing discovery protocol - and may not be encrypted in transit.
I'm unclear if Syncthing inherently encrypts transfers, but layering it within Tailscale would add that. No?