Debian-based configuration for wireguard
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jul 12 00:19:45 CEST 2017
On Tue 2017-07-11 13:04:40 +0000, jomat+wireguard.io at jmt.gr wrote:
> [ dkg wrote: ]
>> * it looks to me like configuring a wireguard link this way will
>> require an entry in /etc/network/interfaces (or interfaces.d) *and*
>> a
>> config file in /etc/wireguard/*.conf. It seems like it would be
>> cleaner to have all the configuration in one place, no?
>
> /etc/network/interfaces is usually world readable, /etc/wireguard/ not
> as your private keys are stored there.
Good point! it'd be great to be able to separate the private key
information from the standard network information for that reason; it's
not like people can't inspect the rest of the network config once the
device is configured, so it would be nice to be able to just have the
private key in an isolated file.
--dkg
More information about the WireGuard
mailing list