Reflections on WireGuard Design Goals
Roman Mamedov
rm at romanrm.net
Fri Aug 10 17:03:46 CEST 2018
On Fri, 10 Aug 2018 14:35:14 +0100
Brian Candler <b.candler at pobox.com> wrote:
> From my point of view, the only thing which makes me uncomfortable
> about wireguard is the lack of any second authentication factor. Your
> private key is embedded in a plaintext file in your device (e.g.
> laptop), not even protected with a passphrase. Anyone who gains access
> to that laptop is able to establish wireguard connections.
>
> Of course, it can be argued that the laptop holds other information
> which is more valuable than the wireguard key, therefore you should
> concentrate on properly securing the laptop itself (*). Furthermore, to
> be able to talk to the wireguard kernel module you're already root, and
> therefore have all sorts of malicious options available to you. etc etc
>
> But I'd feel a lot happier if a second level of authentication were
> required to establish a wireguard connection, if no packets had been
> flowing for more than a configurable amount of time - say, an hour. It
> would give some comfort around lost/stolen devices.
Couldn't you just encrypt your home directory? Or even the root FS entirely.
Either of those should be a must on a portable device storing valuable
information.
--
With respect,
Roman
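An added check for the suggestion above (not code from the thread): it parses the JSON output of `lsblk` to report whether the filesystem holding a WireGuard config path is backed by a dm-crypt (LUKS) layer. The sample `lsblk` tree is constructed, and the live check at the bottom assumes a util-linux `lsblk` that supports `-J`.

```python
import json
import subprocess
from typing import Iterator, List, Optional, Tuple
# Constructed sample of `lsblk -J -o NAME,TYPE,MOUNTPOINT` output: LUKS ("crypt")
# under LVM for / and /home, plus an unencrypted USB stick at /mnt/usb.
SAMPLE_LSBLK = json.loads("""
{"blockdevices": [
 {"name": "nvme0n1", "type": "disk", "mountpoint": null, "children": [
  {"name": "nvme0n1p1", "type": "part", "mountpoint": "/boot"},
  {"name": "nvme0n1p2", "type": "part", "mountpoint": null, "children": [
   {"name": "cryptroot", "type": "crypt", "mountpoint": null, "children": [
    {"name": "vg-root", "type": "lvm", "mountpoint": "/"},
    {"name": "vg-home", "type": "lvm", "mountpoint": "/home"}]}]}]},
 {"name": "sdb", "type": "disk", "mountpoint": null, "children": [
  {"name": "sdb1", "type": "part", "mountpoint": "/mnt/usb"}]}]}
""")


def _walk(nodes: List[dict], chain: Tuple[dict, ...] = ()) -> Iterator[Tuple[dict, ...]]:
    """Yield the ancestor chain (disk ... leaf) for every device node."""
    for node in nodes:
        path = chain + (node,)
        yield path
        yield from _walk(node.get("children", []), path)


def backing_chain(lsblk: dict, path: str) -> Optional[Tuple[dict, ...]]:
    """Device chain for the filesystem holding `path` (longest matching mount)."""
    best, best_len = None, -1
    for chain in _walk(lsblk["blockdevices"]):
        # Newer lsblk emits "mountpoints" (a list); older ones emit "mountpoint".
        for mp in chain[-1].get("mountpoints") or [chain[-1].get("mountpoint")]:
            if not mp or not (path == mp or path.startswith(mp.rstrip("/") + "/")):
                continue
            if len(mp) > best_len:
                best, best_len = chain, len(mp)
    return best


def is_on_encrypted_volume(lsblk: dict, path: str) -> bool:
    """True if any layer beneath the filesystem holding `path` is dm-crypt."""
    chain = backing_chain(lsblk, path)
    return chain is not None and any(n.get("type") == "crypt" for n in chain)


if __name__ == "__main__":
    # Live check on this host (assumes a util-linux lsblk with JSON support).
    live = json.loads(subprocess.check_output(
        ["lsblk", "-J", "-o", "NAME,TYPE,MOUNTPOINT"], text=True))
    print("/etc/wireguard on encrypted volume:", is_on_encrypted_volume(live, "/etc/wireguard"))
```

A `False` result for the directory holding the WireGuard private key means the key is readable by anyone with the disk, which is the exposure the thread describes.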