scy
Sundew@scy Please tell me that's from your _public_ wireguard key...
If not, it's key rotation time! 😅
@scy Ah, ok. All good. :)
Perhaps you're a trendetter, forging a new era of vanity wireguard keys!
Pianosaurus 🕴@pianosaurus @sundew Yeah the grep should really run on the pubkey instead, but I was too lazy to code that. :)
Quanten@scy @pianosaurus @sundew I have been nerdsniped…
One can even choose the private key (except for clamping¹)
priv:
dontLookIamPrivate+lAGHRWnQ1uGrhZYOxqOYsPXs=
pub:
WTFoCmndz2LdEphazrSCylcVpk0ZXYqzUUXLwZXbRkY=
This is first one I found with WTF at the beginning, followed by a lower case char. Took a couple of minutes
And the "SCy" in there is only by chance ^^
¹first char out of [Q-Za-f] and the last byte has also some restrictions.
@quanten @scy @pianosaurus
Going back to looking at private keys for a moment...
It appears that we don't have to brute-force - we can just overtype whatever text we like:
PRIV=$(wg genkey)
PRIV2=sundew+${PRIV:7}
echo $PRIV2
echo $PRIV2 | wg pubkey
I'm sure this is a horrible idea for all sorts of reasons! (Don't use this, seriously ^^)
@sundew I know, that is exactly what I did :D
The "dontLookIamPrivate+" is not a redaction and part of the genuine private key, which results in a pub key starting with WTF. In hindsight I can see that is wasn't that clear.
Yes, it is a very bad idea. And a private key starting with s (or anything that does not result in 01 at the start of the priv key, see "ed25519 key clamping") is an even worse idea, since it could break the asymmetry completely and not "only" reduce the key space.