Reflections on WireGuard Design Goals

Jason A. Donenfeld Jason at
Sat Aug 11 21:18:52 CEST 2018

On Fri, Aug 10, 2018 at 6:35 AM Brian Candler <b.candler at> wrote:
> But I'd feel a lot happier if a second level of authentication were
> required to establish a wireguard connection

I think that given the WireGuard building block, it's certainly
possible to build a 2FA framework around it. And I do generally like
2FA and short-lived credentials and such. Probably after getting the
implementations buttoned up -- kernel mainline, windows, etc -- I'll
turn a bit of attention to expanding tooling and full packages around
the simple wg0 interface.


More information about the WireGuard mailing list