Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

[Suggestion] Support WireGuard

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)

Topic Author
cypherpunk

[Suggestion] Support WireGuard

Postby cypherpunk » Tue Aug 29, 2017 7:29 pm

WireGuard is a next generation VPN that is experimenting with post-quantum crypto. Mullvad already rolled it out and it's working great. Please consider supporting!

User avatar

parityboy
Site Admin
Posts: 1091
Joined: Wed Feb 05, 2014 3:47 am

Re: [Suggestion] Support WireGuard

Postby parityboy » Fri Sep 01, 2017 8:52 pm

cypherpunk wrote:WireGuard is a next generation VPN that is experimenting with post-quantum crypto. Mullvad already rolled it out and it's working great. Please consider supporting!


I know that staff are already looking at it, especially in relation to how its public key authentication fits within the Cryptostorm model.

Going by Mullvad's blog, it's still in the testing phase. Have you any personal experience of it? What's the performance like?


Topic Author
cypherpunk

Re: [Suggestion] Support WireGuard

Postby cypherpunk » Sat Sep 09, 2017 4:29 am

I have used it. The performance is really good, moderately better than OpenVPN in that if you have a dynamic IP (e.g. roaming through open wifi or mobile) it reconnects much quicker - no SIGHUPs.

It's also been confirmed working the [linux-libre](https://www.fsfla.org/ikiwiki/selibre/linux-libre/) and the [unofficial-grsec](https://github.com/minipli/linux-unoffi ... c/releases) patches. If you role your own architecture that's a big security plus.


Topic Author
wireguarduser

Re: [Suggestion] Support WireGuard

Postby wireguarduser » Tue Sep 12, 2017 6:45 pm

also use it with mullvad, way higher speeds than openvpn, had some kernel warning log spam in early version, seems fine now

User avatar

df
Site Admin
Posts: 281
Joined: Thu Jan 01, 1970 5:00 am

Re: [Suggestion] Support WireGuard

Postby df » Mon Sep 18, 2017 3:23 pm

We do have a test wireguard instance up on a Romanian server, but it's unlikely that we'll provide public access to it anytime soon.

Main reason being, as the wireguard website puts it, "WireGuard is not yet complete. You should not rely on this code."


PrivacyActivist
Posts: 4
Joined: Thu Jun 15, 2017 10:29 pm

Re: [Suggestion] Support WireGuard

Postby PrivacyActivist » Sat Sep 23, 2017 1:09 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

https://www.wireguard.com/#work-in-progress

This isn't ideal from a security point of view and it's only supported on Linux and Mac OS X. I think this project has a bright future, however. It needs to mature before it can be used daily and for important purposes.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEdexMKgM9vxwWAEtbxT8h/1VVGA8FAlnFbY0ACgkQxT8h/1VV
GA8JoA/9F/C6maEQc5/DzDA6t+lDvkpO8c4kpGY73WwcB/3sHqNmH2wbARS5bQbD
xIg+kUx6FOkMDMkeL+rpjLhjVHy98tBzcknSchcgbSdhVNVrRittf1twr5xfD9U8
ObYzM5P6WKXFRhinzCi1Zj8ktFhVv5FkbxNGCQZnOit/BZmRAq174lL+glushDMJ
9rUhOentP79FOg++6aKBJGt2ROE/3jmpJHvlzh422evvLG/z6CEpi/CMg76sihfR
yhxG5FPjDLKMupkvEYfmJe/LmFhb4Uc9Fg9vYMzwdB/6Tzzvc8D9PwbjigH4b57D
RUqubQ+RJ108fY0DMjdrLqhF0hQUg0gB4SQAuB4iJe6Czg9yD6Bg/qcQtzAIHCvS
DAMYPD8Qqkib8VfeJq27XDFDun+wxRXDKi2zoVzlgb2PG8TPH5xaDg2zQF7AhZMF
CJIxJiIeyjoO9UJf1I+oVo0Keo0JVt7Gcszacj4GPi/H9Wa6Ok5/egPmrfix+E5A
QPYKSRSc5L+8Dgw+x0l/TjrIrN2UStcZmVD1jJRPxDaaFEo/kcSs/hB8PA9MRhPq
pxqPwfFDi4N65NDXx+t7tJ2vv6CpSwTRGFFrvooyDC4nv/qOJNaTVyHaH9Kd3cZv
kUfROh6xm+c3zinS1arG/V5PbAWY7OADNgeEvmqb8AF+kwyeDvQ=
=JaNX
-----END PGP SIGNATURE-----
☢ Unofficial Support ☢ All messages are signed with my PGP key (so you can verify that the message has been created by me and has not been tampered with or corrupted). You can view my key here.


Return to “general chat, suggestions, industry news”

Who is online

Users browsing this forum: Yahoo [Bot] and 11 guests

Login