From 8a419e2e914f196ed0f003cb98cf268d56386b79 Mon Sep 17 00:00:00 2001 From: Callan Bryant Date: Thu, 7 May 2020 12:54:16 +0100 Subject: [PATCH] note about private keys --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index ad08889..7200a2a 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,14 @@ Quick start -- install wireguard and dsnet, then: Copy the generated configuration file to your device and connect! -To send configurations, ffsend (with separately transferred password) or a local QR code generator may be used. +To send configurations, ffsend (with separately transferred password) or a +local QR code generator may be used. + +The peer private key is generated on the server, which is technically not as +secure as generating it on the client peer and then providing the server the +public key; there is provision to specify a public key in the code when adding +a peer to avoid the server generating the private key. The feature will be +added when requested. # Configuration overview