Wireguard Public and Private Key Protection
-
Hi All,
I need help in wireguard, please suggest me the solution.Problem: I want to protect the wireguard Public and Private Keys. So on one can access the keys and no one can use it further.
Thank You in advance
-
@aakashjonwal I’m not understanding your need.
Can you try to explain this again?
-
Apology for late reply,
Actually, In Wirgaurd Public and Private Keys are in txt file. Anyone can read this and use this. So how can we protect that keys.. Also in wg0.conf, Private Key of client machine are in readable form. So How can we protect that keys.
Thank you in advance.
-
Anyone can reply on this.. It's really apricated.
-
@aakashjonwal so a few things to note. Yes keys are stored in plain text on disk. WireGuard itself doesn't attempt to solve the key exchange or key storage problem. However, pfSense already supports encrypted configuration backups for both manual and ACB backups. For someone to extract your keys they'd have to get root access to your firewall...and at that point you've got bigger issues to worry about.
I have mentally considered an additional layer for the extremely paranoid, but because pfsense already has encrypted configuration backup capabilities, I don't plan on spending much time on this any time soon.
-
@theonemcdonald said in Wireguard Public and Private Key Protection:
I have mentally considered an additional layer for the extremely paranoid, but because pfsense already has encrypted configuration backup capabilities, I don't plan on spending much time on this any time soon.
Fully agreed.
