Reflections on WireGuard Design Goals

Roman Mamedov rm at romanrm.net
Fri Aug 10 17:03:46 CEST 2018


On Fri, 10 Aug 2018 14:35:14 +0100
Brian Candler <b.candler at pobox.com> wrote:

>  From my point of view, the only thing which makes me uncomfortable 
> about wireguard is the lack of any second authentication factor. Your 
> private key is embedded in a plaintext file in your device (e.g. 
> laptop), not even protected with a passphrase.  Anyone who gains access 
> to that laptop is able to establish wireguard connections.
> 
> Of course, it can be argued that the laptop holds other information 
> which is more valuable that the wireguard key, therefore you should 
> concentrate on properly securing the laptop itself (*). Furthermore, to 
> be able to talk to the wireguard kernel module you're already root, and 
> therefore have all sorts of malicious options available to you. etc etc
> 
> But I'd feel a lot happier if a second level of authentication were 
> required to establish a wireguard connection, if no packets had been 
> flowing for more than a configurable amount of time - say, an hour. It 
> would give some comfort around lost/stolen devices.

Couldn't you just encrypt your home directory? Or even the root FS entirely.
Either of those should be a must on a portable device storing valuable
information.

-- 
With respect,
Roman


More information about the WireGuard mailing list