Re: WG: Need for HW-clock independent timestamps

2018-05-21 Thread reiner otto
+1; Not just to consider the "very standard case", which is why quality of software nowadays goes down. Although you are correct here, that power cycle is almost normal usage procedure. Axel Neumann wrote on Mon, 21.5.2018: Subject: Re: WG: Need fo

Cipher the private key in peers wg0.conf ?

2018-05-16 Thread reiner otto
Actually, in wg0.conf the private key is defined in clear text. Which allows a dump of the physical disk to grab it and to fake this client. Wouldn't it be safer to cipher the private key somehow? ___ WireGuard mailing list WireGuard@lists.zx2c4.com http

Re: Multiple (client-)peers with same keys possible ?

2018-05-15 Thread reiner otto
Then individual keys for the clients, sigh. Which leads to the next question: When adding a new client to the server's wg0.conf, does it require a restart of wg, _OR_ is it safe to simply "edit" wg0.conf, adding the client's info? Cheers, Reiner

Multiple (client-)peers with same keys possible ?

2018-05-15 Thread reiner otto
Is it possible somehow, to define multiple (client-)peers to share the same keys ? (Trading some loss of security for simpler distribution) I.e. on server: [Interface] ListenPort = 5000 PrivateKey = ABCD ...XYZ Address=172.16.0.1 [Peer] PublicKey = 1234...7890 AllowedIPs = 172.16.0.0/16 client

Re: Need for HW-clock independent timestamps

2018-05-12 Thread reiner otto
Having implemented this solution already, I consider it some type of hack, as the standard time sync unfortunately happens very late in the start of the services, after rc.local is called. And the sync might take quite some time. Which means, I had to "hack" the time sync immediately after WAN up

AW: WG: Need for HW-clock independent timestamps

2018-05-11 Thread reiner otto
I ran into this problem, too, and fixed it by re-adjusting the time before WG is activated. This needs some fiddling around with standard NTP startup in openwrt, though, so it is some type of hack which I do not really like. Unfortunately, not so many openwrt-devices around having RTC. WG to us

Why does it work ?

2018-04-30 Thread reiner otto
Having found myself a solution to the problem described in https://lists.zx2c4.com/pipermail/wireguard/2018-April/002736.html, (I only want to tunnel all traffic destined to 1.2.3.4, the ubuntu-server, via wg from client, an openwrt-router. Where 1.2.3.4 also is endpoint of tunnel. All other tra

Re: Route all traffic to one IP _only_ via wireguard

2018-04-29 Thread reiner otto
live = 25 Eric Light wrote on Sun, 29.4.2018: Subject: Re: Route all traffic to one IP _only_ via wireguard To: "Eddie", "reiner otto", wireguard@lists.zx2c4.com Date: Sunday, 29 April 2018, 17:19 Hi Eddie and Reiner, I might be misun

Route all traffic to one IP _only_ via wireguard

2018-04-28 Thread reiner otto
My basic setup of wg works, I can ssh from/to server or client. But the real goal is to tunnel only traffic with a specific destination IP via wireguard from client to server. I.e. a local router, which allows direct access to the web, _BUT_ all traffic going to the corporate server using wireguar