Key distribution and rotation tools?

Giacomo Bernardi mino at minux.it
Tue May 22 15:42:42 CEST 2018


Hello list,
I am aware that WireGuard does not include a mechanism to distribute and
rotate pre-shared secrets by design [1].

However, even discounting a full-blown PKI, in large deployments one needs
to automate the generation/distribution/rotation of those pre-shared keys
on endpoints.

I unsuccessfully scouted around for tools that would fit in this space, did
I miss anything? Any suggestions?

Thanks!
Giacomo



[1] "All issues of key distribution and pushed configurations are out of
scope of WireGuard; these are issues much better left for other layers,
lest we end up with the bloat of IKE or OpenVPN." (
https://www.wireguard.com/#conceptual-overview)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20180522/808674a3/attachment.html>


More information about the WireGuard mailing list