Hi,

On 16/05/18 22:06, Matthias Urlichs wrote:
> On 16.05.2018 14:53, reiner otto wrote:
>> Actually, in wg0.conf the private key is defined in clear text, which allows a dump of the physical disk to grab it
>> and to fake this client.
> So? If you have physical access to the peer's (unencrypted) disk you can
> do anything. Security is over.
>> Wouldn't it be safer to cipher the private key somehow?
> Where would you store the key for that?
>
> If you need that kind of safety, encrypt the whole disk. Securing the
> private key doesn't help if you can simply subvert the binary that
> decrypts it.

I think this can be compared to classic encrypted private keys, where you need to decrypt them (normally with a passphrase) before they can be loaded by the SSL library.

Maybe this could just be a feature in the wg tool, which could decrypt the key before pushing it down to the kernel.

Cheers,

--
Antonio Quartulli
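The workflow Antonio sketches above, as an added example that is not part of the thread or of the wg tool: the private key is kept passphrase-encrypted on disk (PBKDF2 + AES-256-CBC via openssl(1), standing in for the "encrypted SSL private key" comparison), wg0.conf carries no PrivateKey line, and the key is decrypted only at bring-up and handed to the kernel over stdin. The key file path, the PostUp line and the passphrase prompt are assumptions.

```shell
#!/bin/bash
# Added example (not part of wg or wg-quick): keep the WireGuard private key
# passphrase-encrypted on disk and decrypt it only when the interface comes up,
# so wg0.conf never carries the cleartext key. Uses openssl(1) for PBKDF2 key
# derivation and AES-256-CBC; the key file path and PostUp line are assumptions.
set -eu

# wrap_key PASSPHRASE < key.txt > key.enc
# The passphrase travels in the environment, not argv, so it is not visible in `ps`.
wrap_key() {
    WG_KEY_PASS="$1" openssl enc -aes-256-cbc -pbkdf2 -iter 600000 -salt -a \
        -pass env:WG_KEY_PASS
}

# unwrap_key PASSPHRASE < key.enc
# Writes the cleartext key to stdout only; never redirect it into a file.
# CBC carries no integrity tag, so a wrong passphrase is usually, but not
# always, caught by the padding check; a real implementation should use an AEAD.
unwrap_key() {
    WG_KEY_PASS="$1" openssl enc -d -aes-256-cbc -pbkdf2 -iter 600000 -a \
        -pass env:WG_KEY_PASS
}

# Constructed stand-in for a base64 WireGuard private key (32 bytes -> 44 chars).
SAMPLE_KEY="$(printf 'constructed-sample-key-not-real!' | base64)"

# Returns 0 when wrap -> unwrap reproduces the key exactly and the ciphertext
# does not contain the cleartext key.
roundtrip_ok() {
    local enc
    enc="$(printf '%s' "$SAMPLE_KEY" | wrap_key "$1")"
    case "$enc" in *"$SAMPLE_KEY"*) return 1 ;; esac
    [ "$(printf '%s' "$enc" | unwrap_key "$1")" = "$SAMPLE_KEY" ]
}

# Assumed wg0.conf layout: leave PrivateKey out of [Interface] and let PostUp
# hand the decrypted key to the kernel through stdin (wg(8) accepts /dev/stdin):
#   [Interface]
#   Address = 10.0.0.2/24
#   PostUp = WG_KEY_PASS="$(systemd-ask-password 'wg0 key passphrase')" \
#       openssl enc -d -aes-256-cbc -pbkdf2 -iter 600000 -a -pass env:WG_KEY_PASS \
#       < /etc/wireguard/wg0.key.enc | wg set %i private-key /dev/stdin
```

This only moves the secret from the disk to the passphrase holder and to process memory at bring-up; as Matthias notes, it does nothing against an attacker who can alter the binary that performs the decryption.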