+1;
Not just to consider the "very standard case", which why quality of software
nowadays goes down.
Although you are correct here, that power cycle is almost normal usage
procedure.
Axel Neumann schrieb am Mo, 21.5.2018:
Betreff: Re: WG: Need fo
Actually, in wg0.conf the private key is defined in clear text. Which allows
dump of physical disk to grab it
and to fake this client.
Wouldn't it be safer, to cipher the private key somehow ?
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
http
Then individual keys for the clients, sigh.
Which leads to next question:
When adding a new client to the servers wg0.conf,
does it require a restart of wg, _OR_ is it safe to simply "edit" wg0.conf,
adding the clients info ?
Cheers,
Reiner
___
Wire
Is it possible somehow, to define multiple (client-)peers to share the same
keys ?
(Trading some loss of security for simpler distribution)
I.e. on server:
[Interface]
ListenPort = 5000
PrivateKey = ABCD ...XYZ
Address=172.16.0.1
[Peer]
PublicKey = 1234...7890
AllowedIPs = 172.16.0.0/16
client
Having implemented this solution already, I consider it some type of hack, as
the standard time sync unfortunately happens very late in the start of the
services, after rc.local called. And the sync might take quite some time.
Which means, I had to "hack" the time sync immediately after WAN up
I ran into this problem, too, and fixed it by re-adjusting the time before WG
is activated. This needs some fiddling around with standard NTP startup in
openwrt, though, so it is some type of hack which I do not really like.
Unfortunately, not so many openwrt-devices around having RTC. WG to us
Having found myself a solution to the problem described in
https://lists.zx2c4.com/pipermail/wireguard/2018-April/002736.html,
(I only want to tunnel all traffic destined to 1.2.3.4, the ubuntu-server, via
wg from client, an openwrt-router.
Where 1.2.3.4 also is endpoint of tunnel. All other tra
live = 25
Eric Light schrieb am So, 29.4.2018:
Betreff: Re: Route all traffic to one IP _only_ via wireguard
An: "Eddie" , "reiner otto" ,
wireguard@lists.zx2c4.com
Datum: Sonntag, 29. April, 2018 17:19 Uhr
Hi Eddie and Reiner,
I might be misun
My basic setup of wg works, I can ssh from/to server or client.
But the real goal is to tunnel only traffic with a specific destination IP
via wireguard from client to server.
I.e. a local router, which allows direct access to the web,
_BUT_ all traffic going to the corporate server using wireguar