WebDAV and SFTP now available on MacOS

Strongbox now supports WebDAV and SFTP on MacOS. These new storage providers have been much requested because they provide the ability to host your own KeePass database on your own storage, in a way that allows for synchronisation across devices and availability from anywhere on the Internet (if you like).

Note: The WebDAV & SFTP are part of the MacOS Pro feature set

WebDAV and SFTP are public open protocols supported by a wealth of different devices. Indeed SFTP is probably the standard way of transferring files on Linux based systems. Because it is built on top of SSH it is also the most secure way to do this also. WebDAV is an open extension of HTTP, adding new methods like PROPGET and PROPFIND and can sit seamlessly on top of a regular HTTP(S) session. In particular WebDAV is supported by Nextcloud and Owncloud, 2 popular up and coming privacy conscious storage solutions, which allow users to operate or subscribe to their own personal storage solution. Often Nextcloud runs on top of a NAS. Alternatively, many NAS’s support WebDAV and SFTP natively, for example Synology and QNAP provide their own implementations.

If you’re not keen on storing your database on your cloud provider, perhaps a free Dropbox or Google Drive account, but you want the convenience of a centralised location to store your password database, then WebDAV or SFTP could be for you. Strongbox tries to make this straightforward and has supported these protocols on iOS for quite a while. Now these protocols are available on MacOS.

To add a WebDAV or SFTP hosted database to Strongbox, simply:

  1. Launch Strongbox and bring up the Databases Manager window (Command + D).
  2. Tap the ‘Add Database…‘ button in the bottom right hand corner and select WebDAV or SFTP as preferred
  3. You’ll now be prompted to enter the location of your server, and authentication information. Tap Connect when done.
  4. Once successfully authenticated against your server you can start to browse your files and folders.
  5. Locate your database, and tap Select.
  6. You should now have added this database and you’ll be presented with the Unlock screen.
Strongbox SFTP Setup – Browsing for a database on MacOS

Strongbox will sync your changes back and forth (merging automatically where necessary). Strongbox also checks if your database has been changed by another process periodically and updates it if so, so you’re always working with the latest version.

We hope you’ll like this feature and that it’ll all be smooth sailing, of course we’d love to hear what you think and if we can improve in any way!

Syncing with a Synology NAS

It seems that Synology released an update (version 5.15.0 on April 13th 2021) to their DS File App which appears to be problematic for users who use the “Files” method to sync their databases with Strongbox. Unfortunately we don’t know exactly what Synology have done here, and there’s little we can do to fix things. So we would like to make sure everyone is aware of the best way to perform sync with a Synology device.

Update 13-Sept-2021: We are receiving reports that Synology have now fixed their App. We continue to recommend the methods below.

Recommended Methods

We always recommend users use either WebDAV or SFTP to sync their databases with their Synology NAS devices as it appears to be a much more reliable method and isn’t prone to getting things out of sync or randomly failing. You can also access your NAS via SFTP/WebDAV using the MacOS version of Strongbox.

A Note on using SMB

Unfortunately there are reports that SMB isn’t very reliable via iOS Files and also suffers from security issues, so using it over the public Internet isn’t recommended.

WebDAV & SFTP – Recommended

So we’ll stick with WebDAV & SFTP. This is all the more pressing now with the release of the broken DS File update. In this article we’ll cover getting WebDAV or SFTP up and running and connecting via Strongbox’s built in WebDAV support.

WebDAV

The authoritative Synology instructions can be found here. In a very short summary you need to:

  1. Log in to the Disk Station Manager or DSM with an account belonging to the administrators group.
  2. Go to Package Center to install WebDAV Server.
  3. Launch WebDAV Server and check Enable HTTPS checkbox. You can customise the port number if you like.
  4. Save the settings.
  5. To access from Strongbox, choose Add Existing Database
  6. Choose WebDAV
  7. Enter the IP address or the hostname of your Synology NAS followed by a colon followed by the port number (usually 5006 but may be different depending on how you have configured it). For example: https://my.host.com:5006
  8. Enter your username/password.
  9. You may not have configured a fully functional certificate (we would recommend that you do, you could use Lets Encrypt for example), if your certificate isn’t valid, then tick the ‘Allow Untrusted Certificate’ checkbox in Strongbox.
  10. All going well you should now be able to browse your file system for your password database.
  11. Finally add that database and you’re all set!

Some tips/tricks from other users who managed to get WebDAV working on their setups. These may or may not apply to you and haven’t been verified:

  • Ensure that the correct WebDAV port number is used in the URL/Address you enter
  • Make sure the WebDAV port is enabled in the Synology’s firewall
  • Make sure the WebDAV port is forwarded on the router if accessing remotely
  • Ensure Synology user account has WebDAV permissions
  • If using your own (untrusted) SSL certificate, ensure “Allow Untrusted Certificate” is enabled
  • In some cases you may need to append /home to your WebDAV URL. See here for more details.
  • Ensure the user password does not have any special characters if you are getting authentication errors
  • TLS/ SSL Profile Levels at “Modern compatibility” seem to work but you may want to change this if you have trouble.

SFTP

The authoritative Synology instructions can be found here. In a very short set of instructions:

  1. Log in to the Disk Station Manager or DSM with an account belonging to the administrators group.
  2. Click on Control Panel
  3. Click on File Services
  4. Click on the FTP tab
  5. Scroll down to the SFTP Section and enable
  6. Now, SFTP is live. We just need to make sure that a user is able to access the SFTP service. You can do this under Control Panel also. Select the Users component and create or ensure your user has SFTP access.
  7. To access from Strongbox, choose Add Existing Database
  8. Choose SFTP
  9. Enter the IP address or the hostname of your Synology NAS.
  10. Enter your username/password.
  11. All going well you should now be able to browse your file system for your password database.
  12. Finally add that database and you’re all set!

There is a good YouTube video which explains the steps to configure your Synology as an SFTP server.

Other Helpful Hints, Tips and Tricks

There is a plethora of information in the below video for how to configure your NAS for external connectivity which you may find helpful. It is presented in a friendly and funny way. Worth a look.

Please let us know if we should any other details, or how your experience was with these instructions, so that we can update this article for others.