Or you can setup Yggdrasil by installing it on each machine and adding a few public volunteer peers to the configuration. My own summary of WireGuard->Nebula->Yggdrasil journey: https://news.ycombinator.com/item?id=43967082
Or you can setup Yggdrasil by installing it on each machine and adding a few public volunteer peers to the configuration. My own summary of WireGuard->Nebula->Yggdrasil journey: https://news.ycombinator.com/item?id=43967082
I've looked at Yggdrasil multiple times now, and I always end up backing away because it's security critical software intentionally facing the public internet and talking to untrusted peers, but it's a smaller project with no security audit. In contrast, wireguard has a lot of eyes on it, simpler code that does less, only exposes a listen-only invisible UDP port to untrusted parties, and uses formal verification to ensure that its smaller codebase is secure. Perhaps I'm paranoid, but it's a really hard sell for me to use anything but wireguard:\
AFAIK Yggdrasil does not listen by default and you can make an entirely private Yggdrasil network.
But given both are in Go I would not expect RCEs to be common in either.