this post was submitted on 09 Nov 2024
268 points (100.0% liked)
Privacy
32072 readers
394 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Except the 5 device limit. With OVPN it means 5 connected devices, with WG it means 5 registered public keys.
Say you use the official Mullvad app and also setup some 3rd party WG client on your phone. That's now taking up 2 devices. Or perhaps you do have 6 devices, but you never have more than 2 of them running at once. With WG, that's still 6 devices regardless of them being connected or not, while with OVPN it will indeed be just 2 devices.
Can you not use the same keys for multiple devices like you'd normally be able to?
Not at the same time as they would conflict.
Well sure, but you effectively still have the same 5-connection limit as long as you manage your keys correctly.
That's always borked both connections for me
This is a great point, if they're gonna make this change, they should allow unlimited keys (or at least more than 5) and just limit the number of simultaneous devices on wireguard too. If that's feasable
It might be feasible, but it's a bit awkward to implement because Wireguard is stateless and doesn't know if a client is offline or just hasn't sent any traffic for some time.
That's a pity.
Is there something preventing you from having the same key ready for use on more than one device? So that two devices that are never connected at the same time can take turns using the same key?
Not at all
That's true. I use user profiles on GrapheneOS and have to have each profile count as its own device in Mullvad, when obviously I'm not going to be using them simultaneously.
I can only assume that is the main reason for this change. Pitty.
I already commented on this, but do they actually block you from setting up multiple devices with the same key?
I've had my own server node for a while, there's nothing stopping me from using the same key and config on multiple client devices, as long as I don't connect them at the same time.
I'm not limited to five keys, obviously, but the keys aren't device specific. I could set up just one on the server, and then use it everywhere.
Does Mullwad stop this in some way?
I don't think that's possible to block, but it could lead to problems (responses not arriving) when both devices try to use the same key.
Well yeah, you'd still have the limitation that you can't connect multiple devices at the same time. But the idea is that just like before, nothing is actually stopping you from having as many devices as you like ready to go, all able to be used one at a time.
It just sounds easier to think about it with wireguard then. No surprises.
One of my devices uses three keys because out of the two local servers I have, they seem to go down every other month, so I need a failover.
Unless they're simultaneously connected you could share the same private key in all of the configs.