How to verify a wireguard public key?
Matthias Urlichs
matthias at urlichs.de
Sat Dec 26 10:03:13 CET 2020
On 26.12.20 09:09, Nico Schottelius wrote:
> That answer is easy: if you add an incorrect key to your wgX.conf, wg
> setconf will complain and not apply it. And if you are providing
> automated VPNs... well, then this is something you do want to prevent.
Umm, sure, but then the question is why an incorrect key would be sent
through your automated VPN deployment in the first place. And if it
passes the length check but is still corrupted then that's a worse
failure mode than "wg setconf" complaining, 'cause at least you'd notice
the latter immediately.
--
-- Matthias Urlichs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20201226/23fb780f/attachment.asc>
More information about the WireGuard
mailing list