So I’m trying to bridge to physical locations together. At one location I control the firewall and at the other I don’t. I would normally use Wireguard but its all dynamic IPs so it would break every so often.

My though was to use I2P to create a bridge between the 2 places. I will use 0 hops on each with encrypted lease sets.

Is this a sain setup? What drawbacks will this have and will it be problematic? Also what security should I use for my encrypted lease set? I want only one device to connect and no others.

Edit: I think I’ll use i2p for dns

  • 0v0
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    11 months ago

    Yes this is sane and one of the main use cases for encrypted lease sets. Encrypted lease sets make it impossible for unauthorized users to connect to your hidden services.

    If you know beforehand that only one client needs to be able to connect, choose “DH” as a security strategy, and share the client’s key with the server. This article explains these concepts in detail.

    If you don’t care about anonymity (given the 0-hop tunnels), you could also stick both hosts on an overlay network like Yggdrasil. This may or may not be more convenient / performant based on the number of services you want to expose.