- cross-posted to:
- lemmy_support@lemmy.ml
- ipv6@lemmy.world
- i2p@lemmy.world
- golang@lemmy.ml
- cross-posted to:
- lemmy_support@lemmy.ml
- ipv6@lemmy.world
- i2p@lemmy.world
- golang@lemmy.ml
I’ve been accessing my servers over Yggdrasil for the last few years and I never see it mentioned in self hosting communities, so here you go !
Yggdrasil works over IPv6 and brings encryption at the network interface level (similarly to a VPN). The cool thing is that your IP address is derived from your private key, so when you try to connect to a specific IP, your packets are encrypted so that ONLY the destination server can decrypt it (thus preventing MITM attacks). And as everything is encrypted at the NIC level, you can safely use plain text protocols ;)
How cool is that ?
Not quite true, I use cloudflared daily, its simply a daemon that connects back to CF. The daemon is configured on the CF side to proxy various local network (class C) URIs. I usually toss the daemon in the private network with the containers. The machines themselves still work fine over normal internet, the daemon does not cut a system off it simply provides proxy forward services.
This sounds very similar but without the configurability, just whatever I toss on the line I get. Which for the cases im thinking (replacing VPNs as suggested here) it will be great.
Ok thanks for the clarification (I’ve never used CF). Yggdrasil doesn’t act as a proxy at all though so it’s quite different. It simply creates a virtual interface on your host, and whatever comes in or get out of this interface is encrypted by default. Also, this interface can only access and be accessed over the Yggdrasil network.
its just attached at a different network layer. this would show up as an adapter on the machine i suspect.