lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20160630003458.GA7581@wolff.to>
Date:	Wed, 29 Jun 2016 19:34:58 -0500
From:	Bruno Wolff III <bruno@...ff.to>
To:	linux-kernel@...r.kernel.org
Subject: Re: [RFC] WireGuard: next generation secure network tunnel

On Tue, Jun 28, 2016 at 16:49:18 +0200,
  "Jason A. Donenfeld" <Jason@...c4.com> wrote:
>
>Today I'm releasing WireGuard, an encrypted and authenticated
>tunneling virtual interface for the kernel. It uses next-generation

I tried this out on 4.7 kernels and it seemed to work OK. I can't tell 
about security, but the packets made it to where they are going.

My eventual use case, is to be able to reach a machine behind NAT by going 
though a fixed machine in another location. The machine behind NAT will 
keep a tunnel usable by occasionally pinging through the tunnel to make 
sure that NAT has state information allowing packets to make it back and 
that the fixed machine knows where to send packets.

This seems much easier to use than ipsec and should be faster than 
tunnelling over ssh or openvpn.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ