On 10/08/2018 16:03, Roman Mamedov wrote:
But I'd feel a lot happier if a second level of authentication were
required to establish a wireguard connection, if no packets had been
flowing for more than a configurable amount of time - say, an hour. It
would give some comfort around lost/stolen devices.
Couldn't you just encrypt your home directory? Or even the root FS entirely.
Either of those should be a must on a portable device storing valuable
But by analogy, would you say that SSH keys and PGP keys don't need
protection by a passphrase?
WireGuard mailing list