Reflections on WireGuard Design Goals
Brian Candler
b.candler at pobox.com
Fri Aug 10 18:03:11 CEST 2018
On 10/08/2018 16:03, Roman Mamedov wrote:
>> But I'd feel a lot happier if a second level of authentication were
>> required to establish a wireguard connection, if no packets had been
>> flowing for more than a configurable amount of time - say, an hour. It
>> would give some comfort around lost/stolen devices.
> Couldn't you just encrypt your home directory? Or even the root FS entirely.
> Either of those should be a must on a portable device storing valuable
> information.
But by analogy, would you say that SSH keys and PGP keys don't need
protection by a passphrase?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20180810/84e99c4a/attachment.html>
More information about the WireGuard
mailing list