Hi, I have been supporting some VPN servers and clients on OpenWrt using OpenVPN for several years and from what I have read, the WireGuard service is supposed to be faster. Wireguard being more secure seems highly debatable. I have gotten to the point that I don't use Luci any longer or even the dotted decimal config mechanism but simply customize config files and reboot the router.
Does anyone have a very simple server and client set of config files from the /etc directory perhaps used in a test environment that they can share with me so I can slightly alter the customized /etc/ files rather than going through the GUI process and would anyone be willing to share your config files for your test system so I could try some exercises using wireguard instead of OpenVPN?
Wireguard can be setup completely on the CLI if you want. Take a look at the Wireguard information and tutorials in the OpenWrt documentation. It is very easy to setup -- you don't need to "borrow" someone else's config and you will need to generate your own keys anyway. And if you really want to see example configs beyond what is in the documentation I have linked, just search the forums for Wireguard and you'll find many examples.
Considering all the new reverence for Wireguard here, who is their founder EdgeSecurity and as an admitted group of hackers who hire out to penetrate systems, why is this level of blind trust placed on Wiregard, at least from the perspective of the OpenWRT community? Thanks
If you're not comfortable using it for potential security issues, don't. People like it because it is easy to setup, very high performance, even on relatively weak CPUs/SoCs, and that it is now included in the linux kernel. There are eyes on the code, and a few problems have been discovered (and addressed) in the FreeBSD / pfsense implementation.
Thanks, I'm more than familiar with the old adage of "love it or leave it" (something about America? LOL) but I was more interested in what inspires anyone, or so many I should say, to abandon conventional methods and to go with an unknown, particularly a security application. Seems not that radical of a curiosity ....