Reflections on WireGuard Design Goals
Eisfunke
nicolas at eisfunke.com
Fri Aug 10 16:42:15 CEST 2018
Hello together,
> In the absence of that, it would be nice if the private key which is
> stored on the laptop were encrypted with a passphrase. Simplest option
> may be to extend wg-quick so that the entire config file can be
> pgp-encrypted.
one can already do that via the wg-quick PostUp hook, check out the Arch Linux
wiki:
https://wiki.archlinux.org/index.php/
WireGuard#Store_private_keys_in_encrypted_form
The example is using pass, switching it for direct GPG (or keepassxc or
anything, really) should be easily possible.
Considering that possibility, I don't think adding GnuPG directly into
Wireguard would be a good idea. It would just add complexity for little to no
benefit.
Greetings,
NIcolas Lenz
More information about the WireGuard
mailing list