[Scope0530]

Thank you for the prompt responses regarding this feature. The encryption is working as expected in our initial testing. We will update if there are any issues as we continue testing.

[Scope0530]

Encryption of the configuration file would meet our requirements. To be clear, we would like encryption because we are concerned about the plaintext configuration file getting stolen/copied/etc., since anyone with the plaintext configuration file could connect to our WireGuard network.

[Scope0530]

1. Are you interested in having this encryption feature in the command-line interface (CLI) client?
– Yes, we need it in the CLI.
2. Additionally, how do you foresee utilizing the CLI client—would you run it manually as an application, or would you prefer it to operate as a background service?
– We need it to run as a background service.
3. Alternatively, would the WireSockUI be your preferred interface for this functionality?
– We don’t currently have a preferred UI. Currently, we want our user devices to full tunnel all traffic all the time, with no intervention from the user (and no UI for them to mess with). Our users do not have administrative accounts on the devices, and thus cannot modify the service anyways.

As for how we intend to use it:
We would like to deploy full-tunnel WireSock configurations to all of our user laptops. IT admins will create a deployment script which generates client configurations and then deploy the WireSock client with that configuration. Once deployed, the WireSock service will automatically start (running under the Local System account) and run all the time. The tunneling will be invisible to the user, and they will not be able to disable the tunnel.

[Scope0530]

Whoops- I meant Wireguard for Windows (https://www.wireguard.com/install/), not WireguardNT.

[Author]

Posts