Skip to content

v0.3.1

Compare
Choose a tag to compare
@github-actions github-actions released this 03 Dec 09:54
· 1500 commits to main since this release
3dca2d6

Changelog

  • Wireguard PreSharedKey support.

This feature brings additional security to the system. The pre-shared key is generated by the network admin and stays private.
This means that even if the Management service is compromised and tries to add a malicious peer to the system, that peer won't be able to establish a connection to other network members without a pre-shared key.

PreSharedKey has to be a Wireguard key. Generate a new one with wg genpsk

Fresh run:
wiretrustee up --setup-key <SETUP KEY> --preshared-key <PRESHARED KEY>

Can be also added manually to the config file /etc/wiretrustee/config.json, e.g.:
"PreSharedKey": "iDglzWMp6quPoaQNnH2uqpljYHnjVpl5Jn1vYOWXNEo="

Note: Once set for a peer, all other peers will need it set as well in order to connect. Otherwise, connections won't work.
E.g. having 3 peers: A, B, and C. If peer A has a Preshared key set, but B and C not, then connection:

B <-> C works
A <-> B doesn't work
A <-> C doesn't work

Docker images

  • docker pull wiretrustee/wiretrustee:0.3.1
  • docker pull wiretrustee/signal:0.3.1
  • docker pull wiretrustee/management:0.3.1
  • docker pull wiretrustee/management:debug-latest