- User Since
- Aug 9 2019, 9:22 AM (42 w, 6 d)
Sep 25 2019
Sep 6 2019
@hagbard the private key should stay where its generated. But thats not the point. The point @zx2c4 and I are making, is each interface represent a diffrent Identity. There are only some special cases where you would need the same private key on two interface. Useally you would just add all peers that connect with the same publickey to the same interface. You only need a second interface if there is a second identity you want to assume. For example wg01 might be used to connect to your workplace and wg02 to a vpn service. In that case you would want peers in wg01 and wg02 to know you under different identities.
Aug 15 2019
@hagbard It's not stated that you MUST use a new private key for each interface. But it states that
[e]ach network interface has a private key [...]
https://www.wireguard.com/#simple-network-interface ⇒ Cryptokey Routing
to set a private key for each interface only makes sense when you are allowed to use different keys for different interfaces. If there would be any withdraw in using multiple keys they would have just omitted the "privateKey" in the config file and set i globally. Since they didn't do that I can't imagine there is one. But I would be interested in learning what withdraws you see that the developers don't see.