• Content Count

  • Joined

  • Last visited

About willjasen

  • Rank

Contact Methods

  • Website URL

Profile Information

  • Gender
  • Location
    Johnson City, TN
  • Interests
    artificial general intelligence, the Internet and networking, emergence, the quantified self, consciousness, transparency, and the future of everything

Recent Profile Visitors

685 profile views
  1. You may have seen other posts on the forum regarding rainstash, but after 5+ years of development and tweaking, I feel that it's in a place that it can be distributed as a version 1.0 If you're interested in running Sync securely in the Amazon cloud, check it out! https://github.com/willjasen/rainstash/releases/tag/v1.0
  2. rainstash was initially developed before Resilio Sync had the encrypted folder key feature so to the design was to store the Sync program and its data on a software encrypted volume (LUKS) in order to store data as securely as possible. Because the design decision was to not store the encrypted passphrase, the encrypted volume has no way to be unlocked upon restart of the instance, at least in an easy manner. AWS has a calculator that can be used to estimate monthly costs for an instance. The majority of this cost is assumed to be the size of the volume that stores the Sync data. The most
  3. Somewhat easy to use and developed by myself - host your own in the Amazon cloud. https://github.com/willjasen/rainstash
  4. It's been a while since I've posted, but I believe the latest updates I've made to rainstash makes it as secure as it can be. The template now only accepts encrypted folder keys by default, as well still stores this data on an encrypted volume. Still free to good homes! https://github.com/willjasen/rainstash
  5. I'm having this same issue as well. I've been able to have it work before but not any more. I've even tried binding sync to the Thunderbolt bridge interface (bridge0) but still nothing. Did anything come of the support ticket?
  6. Can someone clarify this a little more? I setup a owner/read-only peer pair, revoked all permissions for the read-only, but the read-only still has a cache of already downloaded files. One might expect it to revoke permissions and clear the cache.
  7. That's what I mean though.. I get that BitTorrent Sync is using the private IP addresses of both networks (let's say is one and is another) but that assumes the networks are close together. In this case, they are separate networks, only joined together via VPN. Just pointing out a case in which Sync is making an incorrect assumption that leaves no workaround other than to tear down the VPN..
  8. In an environment that I'm running BitTorrent Sync in, there are two separate networks connected via VPN over a WAN. I've set the sending limit on all clients to 128 KB/sec, but it never takes effect due to Sync thinking that the networks are together on a LAN. While there is an advanced setting to limit traffic even for LAN clients, this isn't suitable because I want the maximum transfer speed on each actual LANs while maintaining the transfer limit between the separate networks. Is there another way that achieves both goals?
  9. I'm not completely up-to-date with tweaking BTSync 2.0 but I have created an automated deployment template for Amazon CloudFormation for BTSync 1.4. In that version, its SSL settings are determined by the variables ssl_certificate and ssl_private_key which point to the plaintext certificate and its plaintext private key, respectively. I imagine this same tactic can be used with BTSync 2.0 on Synology. Check out the template at https://github.com/willjasen/rainstash as it may be of some further assistance.
  10. All communication with a rainstash instance is encrypted. Of course, Sync itself communicates securely. The only other processes accessible are SSH and HTTPS, both of which are encrypted. SSH uses an industry minimum standard 2048-bit key per how Amazon creates key pairs. The Sync web interface has been configured to use a 4096-bit key for extra security. It is also recommended that SSH and HTTPS is only available from a trusted IP, minimizing potential abuses. For storage, rainstash uses cryptsetup to create a fully encrypted volume on /dev/xvdf, where the Sync app, synced folders, and Sync
  11. Generally, you can wget or curl to retrieve the files from S3, but you'd need to make sure they were available publicly and that's not a good idea for security. I would use the aws cli to retrieve objects from S3 securely using https and IAM authentication. However, as a note, S3 is server-side encryption (when used), meaning Amazon holds the decryption keys. While that makes it very usable, it's less secure than if only the user has the decryption keys. Also see: http://forum.bittorrent.com/topic/33342-sync-in-the-cloud/
  12. As above, I'm not hijacking, but I've created an open source CloudFormation template that achieves a similar goal to the tools mentioned above; it's free to use, will always be open source, and is under your own control. http://forum.bittorrent.com/topic/33342-sync-in-the-cloud/
  13. While usesync.com is no longer in service, a new tool now makes it possible to create your own BitTorrent Sync cloud with very little configuration. http://forum.bittorrent.com/topic/33342-sync-in-the-cloud/
  14. Something I've created relevant to this thread, a roll-your-own btsync in the cloud: http://forum.bittorrent.com/topic/33342-sync-in-the-cloud/
  15. In the marketing of BitTorrent Sync, I detect a shyness away from the cloud, but if Sync is as secure as it claims, utilizing the cloud with Sync shouldn't be a security issue and should provide extra benefits. Enter rainstash, an open source Amazon CloudFormation template to deploy an instance of the latest version of Sync in the Amazon cloud with very little effort. With security in mind, only necessary network services are made available, web traffic is forced to be https (though the self signed certificate doesn't validate, but that's expected), and a separate disk volume that is encrypted