[Now Implemented!] Option To Allow Device On Sync

[iguypouf]

Today  you have perma secrets, temp secrets, readonly secrets...

 

Is it a way to have a secret requiring the manual acceptation of a device, just like bluetooth works for example ?

 

So like this, you can have in the list of devices the device allowed and the device in waiting of acceptation.

 

The purpose is :

- be sure to have only trusted sharers

- be able to eject a sharer without changing the secret for everybody

 

TY

[Tux]

+1 

(I registered here just to support this idea)

 

I know it's virtually impossible to break the secret (just studying information systems at university), but if we can make something even more secure by simple design like this, I would say "go for it!". Also this would end the nearly "endless" discussion on whether or not the secret key alone is secure enough.. 

 

Ejecting the sharer without changing the secret to everyone in my opinion is more complex task to do, but just having the confirmation part implemented (maybe like Bluetooth) would be great! 

[thejonamr]

Yea, i was just thinking of that. Were about to request this feature, and then i saw this post.

Maybe a list for each folder, or one list of devices, and then you could chose which folder they're allowed to join / sync with.

But yea, having to manually accept a device would be great.

[GreatMarko]

@all, the ability to manually "approve" peers/devices is now present in Sync 1.4

[piotrnik]

Just to clarify, can you check my understanding of this following scenario?

 

Say I currently have 3 devices with the same r/w key. I create a new approval request link on device A. Only device A will see the approval request once new device D adds the folder, and then has to approve it before new device D gains access to the folder and the files start syncing.  Devices B and C would never know about the approval, and would just see the new device D once A approves it.  

 

Is this correct?

[T-J]

@all, the ability to manually "approve" peers/devices is now present in Sync 1.4

But this new feature does not work with sync via secrets, as far as I can see. It would be nice, in there were a way to implement manual approvel for sync via secret.

Best Regards

Tobi

[alleoma]

I'd suggest extending this peer approval approach (as an option) to all desktop versions as well. And complement it with a list of approvals being in effect (currently, you seem not to be able to see whom have you given an approval, or whom have you turned down), and an option to revoke particular approvals per peer client.

 

Certainly, some provisions should be made to describe these approvals in config files (like those on Linux). And that, in turn, may need some disclosure of peer identifiers that Sync uses. And the latter might help suggesting peers without knowing their IP addresses and incoming ports (I can't tell my desktop client anything about a mobile client, as I can't tell or set up a fixed incoming port on any mobile client, which would also be quite apposite in this context; no matter if I can set up a fixed IP address for it).

[GreatMarko]

I'd suggest extending this peer approval approach (as an option) to all desktop versions as well.

 

Peer Approval itself is already available in desktop versions of Sync 1.4:

 

[alleoma]

@GreatMarko

 

> Peer Approval itself is already available in desktop versions of Sync 1.4

 

Except for, probably, the Linux version configured manually, with the keys (secrets) in the config file, or via the API. Am I correct? That is, presently, approvals are a GUI locked-down feature. And, if I'm not mistaken, you can't revoke approvals per peer (hopefully, changing a key for a folder should trigger general reapproval for it).

[kramb0l]

Peer Approval itself is already available in desktop versions of Sync 1.4:

 

Yes, but this still doesn't work for adding the key directly (or if it has been guessed / copied / bf'ed / sniffed etc).

 

So approval for all peers (no matter how they are added) would be a very welcome option.