What exactly does KDE-Connect need?

I am on Fedora 40 Kinoite (KDE Atomic).

By default, kdeconnect “just works™”. At least it did on Plasma5.

But the question is not “does it work?” but “how does it work?”.

I come from Secureblue, which for sure left some settings hardened so kdeconnect does not work. I rebased to uBlue Aurora without the hardening, but there might be some settings left in /etc or else.

I want to figure out

I think it is really needed to know: what does KDE Connect need to run?

I think of:

kdeconnect-daemon

controlled via /etc/xdg/autostart and should totally be converted into something that users can toggle on and off like these experimental systemd user services

firewall rules

firewalld has a preset for kdeconnect.

But since Plasma 6 it also supports Bluetooth, so I dont know if opening ports is really needed.

The ports are:

1714:1764 UDP & TCP

In firewalld this is supposed to work via

pkexec sh -c "firewall-cmd --zone=public --add-service=kdeconnect && firewall-cmd --reload"

(The GUI method being not permanent)

I wonder if public is really needed, but I dont know much about firewalld yet.

Using a randomized VPN provider

I am using a VPN app that is not suitable for using KDE connect through it.

The server is not always the same and sharing from within the VPN was pretty unreliable.

So I split tunnel both apps: on Android this works permanently, on Linux the app needs to be launched in split tunnel mode.

When launching bash like that, I have DNS and connectivity, so I dont think this is the problem?

still no connection

Even after opening the ports on Linux, launching both apps apart from the VPN (or even disabling the VPN on Linux), there is no new device shown in the KDE Connect settings.

KDEConnect daemon is running.

Anything I am missing?