by lifthrasiir 801 days ago
Because it is required to be monotonic per peer. WireGuard has no intrinsic states, so multiple machines with the same peer key will be seen as a single peer and that is actually a legitimate use of WireGuard. These machines would have to be synchronized to each other (but not necessarily to the external clock), and using a time is a straightforward and reasonable way to ensure this.

So could you share a single set of keys on multiple machines and WireGuard will work, as long as all machines use the same NTP server?
Technically yes, but I don't think (but haven't exactly confirmed) that you can initiate a new session to itself.
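
The per-peer monotonic timestamp check discussed in this thread, as an added example that is not part of the thread and not WireGuard's own code: a responder keeps the greatest TAI64N timestamp accepted for each peer key and drops any handshake initiation whose timestamp is not strictly greater. It models only the timestamp comparison, not the rest of the handshake; the class and function names, the key string and the clock values are constructed for illustration, and the TAI/UTC leap-second offset is ignored.

```python
import struct

TAI64_BASE = 1 << 62  # TAI64 label value for the start of 1970


def tai64n(seconds: int, nanos: int = 0) -> bytes:
    """Encode a 12-byte TAI64N label: 8-byte seconds, 4-byte nanoseconds, big-endian."""
    return struct.pack(">QI", TAI64_BASE + seconds, nanos)


class Responder:
    """Hypothetical responder that tracks one timestamp per peer public key."""

    def __init__(self):
        self.latest = {}  # peer public key -> greatest TAI64N label accepted so far

    def accept_initiation(self, peer_key: str, timestamp: bytes) -> bool:
        last = self.latest.get(peer_key)
        # Big-endian labels sort in the same order as the times they encode,
        # so a plain byte comparison is sufficient.
        if last is not None and timestamp <= last:
            return False  # replayed or stale: not strictly greater than the last one
        self.latest[peer_key] = timestamp
        return True


def simulate():
    """Two machines (A and B) share one key, so the responder sees a single peer."""
    responder = Responder()
    shared_key = "shared-peer-key"  # constructed placeholder, not a real key
    t0 = 1_700_000_000              # constructed clock value, in seconds
    return [
        responder.accept_initiation(shared_key, tai64n(t0 + 10)),  # A initiates
        responder.accept_initiation(shared_key, tai64n(t0 + 5)),   # B, clock 5 s behind A
        responder.accept_initiation(shared_key, tai64n(t0 + 10)),  # replay of A's packet
        responder.accept_initiation(shared_key, tai64n(t0 + 11)),  # B after clocks agree
    ]


if __name__ == "__main__":
    print(simulate())
```

The second call shows why machines sharing a key need clocks that agree with each other: a lagging machine's initiation is indistinguishable from a replay.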