Good afternoon. What if the user loses the config and an attacker finds it? Now I have Require Authentication For VPN Sessions every week, but if the user authenticates on the portal, the malicious person will also have access
The config file doesn’t have a credential for logging in to Firezone, as a result, you delete the device immediately and then regenerate the config.
In addition, it’s a good practice to delete the config file after importing it into wireguard, that’s one way of protecting yourself from undesired access to your Private Network.
@vadimushkaa We’ve considered reworking this feature to be more of an “expire configs after XX” setting which would fix this and result in less confusion. `Refactor periodic re-authentication` as `expire WireGuard configuration after...` · Issue #1236 · firezone/firezone · GitHub