BtSync Security tip

[xxx59712]

Hi,

I would like to setup BtSync on my VPS but I do not fill comfortable with the security overall.

Could somebody be so kind to sum up the steps I can take to secure BtSync.

So far the only thing I did apart from set login and password on the GUI is that I blocked port 8888 from the outside (with iptable rule)

Thanks.

[Connor0308]

Hi,

what exactly don't you feel comfortable with? If it is the security of the GUI, you can use a password protection, a custom port and force SSL-connection. Please keep in mind that the GUI does nothing more or less than to configure the traffic, which uses different ports and enctyption.

When referring to the traffic, it is encrypted using TLS at 128 bit (please correct me if I am wrong), which isn't to bad, I think. 

So what exaczly is your concern?

Br,

 

Connor

[Moe]

Please read this: https://danieldk.eu/Posts/2015-10-18-erp.html

Especially the last section

[xxx59712]

4 hours ago, Connor0308 said:

So what exaczly is your concern?

I thought the GUI was pretty powerful, you are right there is not much to see. I was taught to always lock down service facing the Internet as much as possible. If the GUI is exposed, it is an still issue. Otherwise I guess the only port open on the outside is the BtSync daemon that is, I agree encrypted.

3 hours ago, Moe said:

Please read this: https://danieldk.eu/Posts/2015-10-18-erp.html

Especially the last section

I will carefully review that article. But that matches what I thought, the GUI is behind a firewall and only bind to localhost. So from the outside, the only way to access it is to do a SSH tunneling or browse through a SSH bash session using a command line browser.