Hi,
> 3. The attacker uses the VPN server static private key to decrypt the
> recorded handshakes, revealing client static pubkeys.
Create a service that sets a new temporary pubkey. Call it *before*
connecting with WG.
Switching during a connection doesn't help much IMHO, because if you
have rec
Greetings fellow WireGuard users,
I represent Mullvad, a privacy-focused VPN provider. We and some
others think there are currently two aspects of WireGuard that make
its deployment in a privacy-focused setting a bit challenging. The
goal of this email is to present current thoughts on the issues
Hi everyone,
Would it be possible for wireguard to support ip6tables-like network
masks [1] for the allowed-ips besides CIDR masks?
With CIDR we are limited to variable suffixes. While with network masks
we could have variable prefixes, suffixes or any combination.
[1] https://linux.die.net/man/8
