Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

[Suggestion] Support WireGuard

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)

Topic Author
cypherpunk

[Suggestion] Support WireGuard

Post by cypherpunk » Tue Aug 29, 2017 7:29 pm

WireGuard is a next generation VPN that is experimenting with post-quantum crypto. Mullvad already rolled it out and it's working great. Please consider supporting!

User avatar

parityboy
Site Admin
Posts: 1214
Joined: Wed Feb 05, 2014 3:47 am

Re: [Suggestion] Support WireGuard

Post by parityboy » Fri Sep 01, 2017 8:52 pm

cypherpunk wrote:WireGuard is a next generation VPN that is experimenting with post-quantum crypto. Mullvad already rolled it out and it's working great. Please consider supporting!
I know that staff are already looking at it, especially in relation to how its public key authentication fits within the Cryptostorm model.

Going by Mullvad's blog, it's still in the testing phase. Have you any personal experience of it? What's the performance like?


Topic Author
cypherpunk

Re: [Suggestion] Support WireGuard

Post by cypherpunk » Sat Sep 09, 2017 4:29 am

I have used it. The performance is really good, moderately better than OpenVPN in that if you have a dynamic IP (e.g. roaming through open wifi or mobile) it reconnects much quicker - no SIGHUPs.

It's also been confirmed working the [linux-libre](https://www.fsfla.org/ikiwiki/selibre/linux-libre/) and the [unofficial-grsec](https://github.com/minipli/linux-unoffi ... c/releases) patches. If you role your own architecture that's a big security plus.


Topic Author
wireguarduser

Re: [Suggestion] Support WireGuard

Post by wireguarduser » Tue Sep 12, 2017 6:45 pm

also use it with mullvad, way higher speeds than openvpn, had some kernel warning log spam in early version, seems fine now

User avatar

df
Site Admin
Posts: 411
Joined: Thu Jan 01, 1970 5:00 am

Re: [Suggestion] Support WireGuard

Post by df » Mon Sep 18, 2017 3:23 pm

We do have a test wireguard instance up on a Romanian server, but it's unlikely that we'll provide public access to it anytime soon.

Main reason being, as the wireguard website puts it, "WireGuard is not yet complete. You should not rely on this code."


PrivacyActivist
Posts: 4
Joined: Thu Jun 15, 2017 10:29 pm

Re: [Suggestion] Support WireGuard

Post by PrivacyActivist » Sat Sep 23, 2017 1:09 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

https://www.wireguard.com/#work-in-progress

This isn't ideal from a security point of view and it's only supported on Linux and Mac OS X. I think this project has a bright future, however. It needs to mature before it can be used daily and for important purposes.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEdexMKgM9vxwWAEtbxT8h/1VVGA8FAlnFbY0ACgkQxT8h/1VV
GA8JoA/9F/C6maEQc5/DzDA6t+lDvkpO8c4kpGY73WwcB/3sHqNmH2wbARS5bQbD
xIg+kUx6FOkMDMkeL+rpjLhjVHy98tBzcknSchcgbSdhVNVrRittf1twr5xfD9U8
ObYzM5P6WKXFRhinzCi1Zj8ktFhVv5FkbxNGCQZnOit/BZmRAq174lL+glushDMJ
9rUhOentP79FOg++6aKBJGt2ROE/3jmpJHvlzh422evvLG/z6CEpi/CMg76sihfR
yhxG5FPjDLKMupkvEYfmJe/LmFhb4Uc9Fg9vYMzwdB/6Tzzvc8D9PwbjigH4b57D
RUqubQ+RJ108fY0DMjdrLqhF0hQUg0gB4SQAuB4iJe6Czg9yD6Bg/qcQtzAIHCvS
DAMYPD8Qqkib8VfeJq27XDFDun+wxRXDKi2zoVzlgb2PG8TPH5xaDg2zQF7AhZMF
CJIxJiIeyjoO9UJf1I+oVo0Keo0JVt7Gcszacj4GPi/H9Wa6Ok5/egPmrfix+E5A
QPYKSRSc5L+8Dgw+x0l/TjrIrN2UStcZmVD1jJRPxDaaFEo/kcSs/hB8PA9MRhPq
pxqPwfFDi4N65NDXx+t7tJ2vv6CpSwTRGFFrvooyDC4nv/qOJNaTVyHaH9Kd3cZv
kUfROh6xm+c3zinS1arG/V5PbAWY7OADNgeEvmqb8AF+kwyeDvQ=
=JaNX
-----END PGP SIGNATURE-----
☢ Unofficial Support ☢ All messages are signed with my PGP key (so you can verify that the message has been created by me and has not been tampered with or corrupted). You can view my key here.


Topic Author
WG_tinkerer

Re: [Suggestion] Support WireGuard

Post by WG_tinkerer » Wed Dec 20, 2017 11:46 am

It's bloody lovely. Set up a breeze, low over head (getting around 95% connection speed) and it handles roaming between connections flawlessly.

Makes openvpn feel very clunky indeed!

User avatar

Operandi
Posts: 85
Joined: Fri Nov 22, 2013 4:23 pm

Re: [Suggestion] Support WireGuard

Post by Operandi » Fri Mar 22, 2019 5:53 pm

Any updates on this? It seems that WireGuard may be mainlined soon.

User avatar

df
Site Admin
Posts: 411
Joined: Thu Jan 01, 1970 5:00 am

Re: [Suggestion] Support WireGuard

Post by df » Tue Apr 02, 2019 8:02 pm

We're working on the interface for it now. Almost done.

User avatar

Operandi
Posts: 85
Joined: Fri Nov 22, 2013 4:23 pm

Re: [Suggestion] Support WireGuard

Post by Operandi » Fri Apr 05, 2019 11:48 pm

df wrote:
Tue Apr 02, 2019 8:02 pm
We're working on the interface for it now. Almost done.
Ah, great.

User avatar

df
Site Admin
Posts: 411
Joined: Thu Jan 01, 1970 5:00 am

Re: [Suggestion] Support WireGuard

Post by df » Mon Apr 08, 2019 5:08 am

https://cryptostorm.is/wireguard just went live :-D
Be sure to check out https://cryptostorm.is/blog/wireguard-support-added too for info on device limits and whatnot

EDIT:
Like it says on https://cryptostorm.is/wireguard and https://www.wireguard.com/ -
WireGuard is not yet complete. You should not rely on it. It has not undergone proper degrees of security auditing and the protocol is still subject to change.
We've been playing with it since 2016 and it doesn't seem like the protocol is going to change significantly anytime soon, so it should be stable enough to use now.
But keep in mind, it hasn't had any proper audits, so you shouldn't be using it for high security scenarios.
If you just want better speeds for torrenting or whatever, it should be fine for that.


prospav
Posts: 8
Joined: Sun Jan 06, 2013 7:19 pm

Re: [Suggestion] Support WireGuard

Post by prospav » Wed Apr 10, 2019 6:02 pm

Set up on Mac OSX 10.14.4 and using official Wireguard app from apple store, easy set up and works beautifully. Same on IOS 12.2 and apple store app.
Many thanks to CS.


AnonAsPossible
Posts: 7
Joined: Fri Feb 10, 2017 3:49 am

Re: [Suggestion] Support WireGuard

Post by AnonAsPossible » Fri Apr 12, 2019 1:59 am

For those of you trying to setup WG In Linux Mint 19.1-tessa-xfce-x64, you'll also need to install the following;

\sudo apt install resolvconf curl


Topic Author
anonymoose

Re: [Suggestion] Support WireGuard

Post by anonymoose » Fri Apr 12, 2019 3:55 am

WireGuard is amazing, THANK YOU!!!!

OpenVPN was a nightmare, always disconnecting on UDP and could rarely get TCP to connect (slow when it did!). With UDP Open VPN working I got about 30Mbps, I now get 60Mbps with WireGuard and it's rock solid and so simple !!!


chrispeddler
Posts: 4
Joined: Thu Jul 11, 2019 8:03 am

Re: [Suggestion] Support WireGuard

Post by chrispeddler » Tue Jul 16, 2019 2:38 pm

I heard that AzireVPN also works well with Wireguard. They stared strong with no logging policy an additional security they called "blind operator mode," Anyone tested it yet?

User avatar

df
Site Admin
Posts: 411
Joined: Thu Jan 01, 1970 5:00 am

Re: [Suggestion] Support WireGuard

Post by df » Tue Jul 16, 2019 2:46 pm

chrispeddler wrote:
Tue Jul 16, 2019 2:38 pm
I heard that AzireVPN also works well with Wireguard. They stared strong with no logging policy an additional security they called "blind operator mode," Anyone tested it yet?
Their blind operator mode is pretty silly, even Jason (WireGuard author) says so himself - https://archive.is/ixN9A
More info about WireGuard and our no-logging policy is @ https://cryptostorm.is/blog/wireguard-privacy-concerns

Post Reply