Setting up Synergy 1.8.8 with SSL on OS X El Capitan as the server and Ubuntu 16.04 as the client

Update (May 2020): Use Barrier, which is a maintained fork of Synergy that supports SSL by default and has builds for Windows, macOS and Linux.

Synergy is a free and open source software (licensed under GPLv2) for sharing one keyboard and mouse between multiple computers. The source is hosted here on GitHub and the Synergy website provides compiled, installable releases with support for SSL encryption for a fee.

At work, I have a Macbook Pro laptop running OS X El Capitan and an Ubuntu 16.04 desktop connected to a monitor which I use daily. Working on two separate computers at the same time is laborious and thanks to Hiemanshu, I came to know about Synergy.

Eager to try it out, I built it from source after patching (to use the Qt installed on my Macbook using Macports) and with minimal configuration, I was able to get it to work. But since my computers were connected to the corporate network, I did not want my keystrokes to be sent through the network in plaintext. So till today, I used an SSH tunnel between my Macbook acting as the server and the Ubuntu desktop acting as a client. It was a little bit inconvenient having to setup the SSH tunnels every time and I didn’t want to use something like autossh.

Imho, in the post-Snowden era, any software sending sensitive plaintext data through the network is broken by design. Since Synergy is free software, I was hoping to patch it to allow SSL communication without requiring a license. With some help from the comments and pull requests on the Synergy GitHub repository and some additional tweaking, I was able to build Synergy 1.8.8 with support for SSL irrespective of the licensing status.

The following details of how I managed to do it are primarily for my reference and I am sharing it on my blog in the hope that it might be useful for others as well. That said, Synergy is a very useful free/libre software and I recommend purchasing a license to support the development. One of the Synergy developers has committed to enable SSL communication by default in the 2.0 version.

Steps to be followed on OS X El Capitan

  • Clone the Synergy GitHub repository from  and checkout the 1.8.8-stable branch
  • Apply this patch to fix the Qt related paths and also to enable SSL without license check. For Qt installed without using Macports, tweak the frameworkRootDir variable in the patch to point to the correct directory. Also tweak the path to the Info.plist to point to a valid path.
  • If the Mac OS X 10.11 SDK is not present under the /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs directory, Download it from this GitHub repository and copy it to that directory.
  • Install the dependencies of Synergy (cmake, qt5) using Macports.
  • Navigate to the top-level directory of the repository and run ./hm.sh conf -g2 --mac-sdk 10.12 --mac-identity ElCapitan where the current OS is El Capitan and the available default Mac OS X SDK is 10.12. Modify the parameters based on the available SDKs and the OS version.
  • After the previous command completes without errors, run ./hm.sh build to start the build process.
  • To create a Mac app, run ./hm.sh dist mac.
  • The Synergy.app is available under bin/Release/Synergy directory. Drag and drop it to the /Applications directory.
  • Create the SSL certificate needed by the Synergy server by running the following commands
    mkdir -p ~/.synergy/SSL/Fingerprints
    openssl req -x509 -nodes -days 365 -subj /CN=Synergy -newkey rsa:1024 -keyout ~/.synergy/SSL/Synergy.pem -out ~/.synergy/SSL/Synergy.pem
    openssl x509 -fingerprint -sha1 -noout -in ~/.synergy/SSL/Synergy.pem > ~/.synergy/SSL/Fingerprints/Local.txt
    mkdir -p ~/Library/Synergy/SSL/.
    cp ~/.synergy/SSL/Synergy.pem ~/Library/Synergy/SSL/.
    sed -e "s/.*=//" -i ~/.synergy/SSL/Fingerprints/Local.txt
    
  • Enable Accessibility permissions for the Synergy app from the Security and Privacy dialog under System Preferences.
  • Start the Synergy app and run it as a server. The app window should indicate that SSL is turned on and the logs should not have any errors.

Steps to be followed on Ubuntu 16.04

  • Clone the Synergy GitHub repository from  and checkout the 1.8.8-stable branch.
  • Apply this patch to fix the Qt related paths (not needed on Ubuntu) and also to enable SSL without license check.
  • Install the dependencies by running the following command
    sudo apt-get install cmake make g++ xorg-dev libqt4-dev libcurl4-openssl-dev libavahi-compat-libdnssd-dev libssl-dev libx11-dev
    
  • Navigate to the top-level synergy repository directory and run
    ./hm.sh conf -g1; ./hm.sh build; ./hm.sh; ./hm package deb
    

    This builds Synergy and creates a .deb package file under the bin directory.

  • Install the .deb file using dpkg.
  • Start the Synergy app from the Unity launcher (or alternatively using its full path).
  • Configure it as a client and set the server address to that of the computer running the server.
  • The app will display the server’s certificate fingerprint with a prompt to trust or reject it. Trust the fingerprint after carefully verifying it. If there are any errors with the server fingerprint or trusting it, copy the Local.txt file generated on the server and save it under ~/.synergy/SSL/Fingerprints and restart the client.

References:

Leave a Reply

Your email address will not be published. Required fields are marked *