Mirrors/wireguard-docs
1
0
Fork 0
mirror of https://github.com/pirate/wireguard-docs.git synced 2026-01-23 02:15:13 +00:00
Code Issues Projects Releases Wiki Activity

add note about sharing private keys

Browse source
This commit is contained in:
Nick Sweeting 2020-03-24 14:21:43 -04:00 committed by GitHub
parent 779080fdaf
commit cb44fb16d7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -372,6 +372,11 @@ You can also read in keys from a file or via command if you don't want to hardco
...
PostUp = wg set %i private-key /etc/wireguard/wg0.key <(cat /some/path/%i/privkey)
```
Technically, multiple servers can share the same private key as long as clients arent connected to two servers with the same key simulatenously.
An example of a scenario where this is a reasonable setup is if you're using round-robin DNS to load-balance connections between two servers that are pretending to be a single server.
Most of the time however, every peer should have its own pubic/private keypair so that peers can't read eachothers traffic and can be individually revoked.
---
## Usage