How to verify a wireguard public key?

Nico Schottelius nico.schottelius at ungleich.ch
Sat Dec 26 09:09:56 CET 2020


Matthias Urlichs <matthias at urlichs.de> writes:

> On 25.12.20 00:42, Adam Stiles wrote:
>> "How do I validate Curve25519 public keys?"
>
> You send a handshake packet to the owner of the corresponding private
> key and observe whether it accepted it.
>
> The question is, why do you think you need a different/additional way
> of verifying the public key?

That answer is easy: if you add an incorrect key to your wgX.conf, wg
setconf will complain and not apply it. And if you are providing
automated VPNs... well, then this is something you do want to prevent.

Cheers,

Nico

--
Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch


More information about the WireGuard mailing list