Development discussion of WireGuard
 help / color / mirror / Atom feed
* running wireguard company-wide?
@ 2021-06-16 13:30 Harald Dunkel
  2021-06-17  3:59 ` Jonathan Aquilina
  0 siblings, 1 reply; 2+ messages in thread
From: Harald Dunkel @ 2021-06-16 13:30 UTC (permalink / raw)
  To: wireguard

Hi folks,

how can I bind the private key to a specific host, eg. an office
Macbook? Esp on MacOS the private key is in plain sight in the
wireguard GUI, making it easy to reuse it for other, unintended
purposes.

For private installations this might be OK, but for a company-wide
deployment this is a major headache.

Every helpful hint is highly appreciated
Harri

^ permalink raw reply	[flat|nested] 2+ messages in thread

* RE: running wireguard company-wide?
  2021-06-16 13:30 running wireguard company-wide? Harald Dunkel
@ 2021-06-17  3:59 ` Jonathan Aquilina
  0 siblings, 0 replies; 2+ messages in thread
From: Jonathan Aquilina @ 2021-06-17  3:59 UTC (permalink / raw)
  To: Harald Dunkel, wireguard

Hi all,

Just a long time follower of this list and very curious to try wireguard when I get the chance.

On a Mac you have a keychain where you can store keys passwords certs, is there a reason why wireguard cannot take advantage of the keychain functionality?

Regards,
Jonathan

-----Original Message-----
From: WireGuard <wireguard-bounces@lists.zx2c4.com> On Behalf Of Harald Dunkel
Sent: 16 June 2021 15:30
To: wireguard@lists.zx2c4.com
Subject: running wireguard company-wide?

Hi folks,

how can I bind the private key to a specific host, eg. an office Macbook? Esp on MacOS the private key is in plain sight in the wireguard GUI, making it easy to reuse it for other, unintended purposes.

For private installations this might be OK, but for a company-wide deployment this is a major headache.

Every helpful hint is highly appreciated Harri

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-06-17  3:59 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-16 13:30 running wireguard company-wide? Harald Dunkel
2021-06-17  3:59 ` Jonathan Aquilina

Development discussion of WireGuard

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.vuxu.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ http://inbox.vuxu.org/wireguard \
		wireguard@lists.zx2c4.com
	public-inbox-index wireguard

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git