How to verify a wireguard public key?

Matthias Urlichs matthias at
Sat Dec 26 10:03:13 CET 2020

On 26.12.20 09:09, Nico Schottelius wrote:
> That answer is easy: if you add an incorrect key to your wgX.conf, wg
> setconf will complain and not apply it. And if you are providing
> automated VPNs... well, then this is something you do want to prevent.

Umm, sure, but then the question is why an incorrect key would be sent 
through your automated VPN deployment in the first place. And if it 
passes the length check but is still corrupted then that's a worse 
failure mode than "wg setconf" complaining, 'cause at least you'd notice 
the latter immediately.

-- Matthias Urlichs

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the WireGuard mailing list