>> On 24 Jul 2020, at 09:33, Jeffrey Walton wrote:
>>
>> On Fri, Jul 24, 2020 at 4:28 AM peter garner wrote:
>> I've used my OneRNG v3.0 external device to recreate my SSH moduli and
>> am now looking to recreate my wireguard keys.
>> According to the Wireguard docs it uses /dev/urandom:
>> h
I was just looking into a similar issue recently and it looks like WireGuard on
Windows adds firewall rules blocking all DNS servers except for its configured
DNS servers, with no option to disable.
I know for us it would be very helpful to at least have an option to disable
this behavior, as i
On 24.07.20 12:52, Stefan Tatschner wrote:
> wg-quick itself is in bash:
Ah. Thanks, I missed that.
However, IMHO it'd still be a good idea to use a small script -- or to
teach wg-quick how to do this directly. Using "bash -c" in systemd units
is a "you should think about this a bit harder" flag
On Fri, Jul 24, 2020 at 4:46 PM Dominique Martinet
wrote:
> FWIW, bash (and zsh, ksh etc) will optimise the last command call of a
> script to not fork, `bash -c 'exec foo'` is the same as `bash -c 'foo'`
>
> (for some reason it doesn't in the subshell though so that one makes a
> difference; you
Jason A. Donenfeld wrote on Fri, Jul 24, 2020:
> Great, good to know. Made some small adjustments and committed this as:
> https://git.zx2c4.com/wireguard-tools/commit/?id=a66219fa107e1bf0a03ebbbc405879c1f0a826c5
diff --git a/src/systemd/wg-quick@.service
b/src/systemd/wg-quick@.service
index a9cb
On Fri, Jul 24, 2020 at 3:09 PM Tomcsányi, Domonkos wrote:
>
> On Fri, Jul 24, 2020 at 11:29 AM Jason A. Donenfeld wrote:
> >
> > On Fri, Jul 24, 2020 at 11:25 AM Garrit Franke
> > wrote:
> > >
> > > On Fri, Jul 24, 2020 at 11:14:52AM +0200, Jason A. Donenfeld wrote:
> > > > On Fri, Jul 24, 202
On 24.07.20 11:25, Garrit Franke wrote:
> /bin/bash -c
Small systems may not have /bin/bash installed. Having wireguard tools
depend on bash is not a good decision from a system packaging point of view.
I recommend using a small helper script for this – one that limits
itself to POSIX shell feat
On Fri, Jul 24, 2020 at 11:29 AM Jason A. Donenfeld wrote:
>
> On Fri, Jul 24, 2020 at 11:25 AM Garrit Franke wrote:
> >
> > On Fri, Jul 24, 2020 at 11:14:52AM +0200, Jason A. Donenfeld wrote:
> > > On Fri, Jul 24, 2020 at 10:30 AM Tomcsanyi, Domonkos
> > > wrote:
> > > >
> > > > Signed-off-by:
On Fri, 2020-07-24 at 11:54 +0200, Matthias Urlichs wrote:
> I recommend using a small helper script for this – one that limits
> itself to POSIX shell features.
wg-quick itself is in bash:
https://git.zx2c4.com/wireguard-tools/tree/src/wg-quick/linux.bash
So depending on bash should be ok, I gue
On Fri, Jul 24, 2020 at 11:25 AM Garrit Franke wrote:
>
> On Fri, Jul 24, 2020 at 11:14:52AM +0200, Jason A. Donenfeld wrote:
> > On Fri, Jul 24, 2020 at 10:30 AM Tomcsanyi, Domonkos
> > wrote:
> > >
> > > Signed-off-by: Domonkos P. Tomcsanyi
> > > ---
> > > src/systemd/wg-quick@.service | 1 +
Am Fr., 24. Juli 2020 um 11:25 Uhr schrieb Garrit Franke
:
>
> On Fri, Jul 24, 2020 at 11:14:52AM +0200, Jason A. Donenfeld wrote:
> > On Fri, Jul 24, 2020 at 10:30 AM Tomcsanyi, Domonkos
> > wrote:
> > >
> > > Signed-off-by: Domonkos P. Tomcsanyi
> > > ---
> > > src/systemd/wg-quick@.service |
On Fri, Jul 24, 2020 at 11:14:52AM +0200, Jason A. Donenfeld wrote:
> On Fri, Jul 24, 2020 at 10:30 AM Tomcsanyi, Domonkos
> wrote:
> >
> > Signed-off-by: Domonkos P. Tomcsanyi
> > ---
> > src/systemd/wg-quick@.service | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/src/systemd/wg-
On Fri, Jul 24, 2020 at 10:30 AM Tomcsanyi, Domonkos wrote:
>
> Signed-off-by: Domonkos P. Tomcsanyi
> ---
> src/systemd/wg-quick@.service | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/src/systemd/wg-quick@.service b/src/systemd/wg-quick@.service
> index a9cbb58..8eb040b 100644
> --- a/
Thanks for figuring this out. It looks like '/' as the default is
indeed safe, as this value is only used in this expression:
cfg.dirnamelen = snprintf(cfg.dirname, PATH_MAX,
"%s/lib/modules/%s",
root == NULL ? "" : root, cfg
On Fri, Jul 24, 2020 at 10:27 AM peter garner wrote:
>
> Hi List,
>
> Platform: Raspberry Pi4B, Raspbian Buster 10. This device dedicated to
> wireguard. uname -a: Linux wireguard 4.19.118-v7l+ #1311 SMP Mon Apr 27
> 14:26:42 BST 2020 armv7l GNU/Linux. wg-quick is dated May 22 08:11
>
> I've used
Why is it that when a PSK exists, it’s not used to transform or encrypt the
initial packet’s payload?
It seems that would add to the overall security. What am I missing?
Paul
--
p...@boardsc.com
@compuwar
On Fri, Jul 24, 2020 at 4:28 AM peter garner wrote:
>
> I've used my OneRNG v3.0 external device to recreate my SSH moduli and
> am now looking to recreate my wireguard keys.
>
> According to the Wireguard docs it uses /dev/urandom:
> https://gist.github.com/rmoriz/58f1768218a4fbc4b318615bfb85111d
From: Baptiste Fouques
Implement netns support as stated in https://www.wireguard.com/netns/
§ Ordinary Containerization.
Create Namespace if necessary.
Created a specific resolv.conf if necessary
---
src/wg-quick/linux.bash | 125 +++-
1 file changed, 85
Signed-off-by: Domonkos P. Tomcsanyi
---
src/systemd/wg-quick@.service | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/systemd/wg-quick@.service b/src/systemd/wg-quick@.service
index a9cbb58..8eb040b 100644
--- a/src/systemd/wg-quick@.service
+++ b/src/systemd/wg-quick@.service
@@ -15,6 +1
Hi List,
Platform: Raspberry Pi4B, Raspbian Buster 10. This device dedicated to
wireguard. uname -a: Linux wireguard 4.19.118-v7l+ #1311 SMP Mon Apr 27
14:26:42 BST 2020 armv7l GNU/Linux. wg-quick is dated May 22 08:11
I've used my OneRNG v3.0 external device to recreate my SSH moduli and
am n
Not sure installing WG on Proxmox directly is a good idea. You may be better off
doing it in a VM.
But that kernel looks a bit older, perhaps upgrading to Proxmox 6.0 which comes
with a kernel from the 5 series will work better?
On 7/22/20 6:19 PM, Florent B. wrote:
> Hi,
>
> I try to install Wir
From: Ricardo Mendoza
When building in an environment with a different modules install path
we need to be able to also override the depmod basedir flag.
Signed-off-by: Ricardo Mendoza
---
src/Makefile | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/Makefile b/src/Make
22 matches
Mail list logo
