I saw MeshBird[1] on GitHub the other day and while I haven't tried it out yet I...

Skunkleton · on Feb 5, 2016

That one also piqued my interest. I am however still trying to understand what it gets you over something like OpenVPN. Maybe it is simply an alternative?

vruiz · on Feb 5, 2016

If I understood it correctly it would be an alternative to OpenVPN but without central server or configuration, you run meshbird on every node setting it up with a one liner.

miolini · on Feb 6, 2016

zokier · on Feb 5, 2016

On a quick glance Meshbird seems to be closer to Tinc than OpenVPN.

miolini · on Feb 5, 2016

I'm author of Meshbird. Big different between Tinc and Meshbird. When you start Tinc you have to specify other node addresses. When you start Meshbird you have to specify network secret key only. Meshbird's node will find each others automaticly.

mentat · on Feb 5, 2016

The idea is nice but the crypto has some gaps.

lenish · on Feb 5, 2016

For anyone else wondering, they're using AES-CBC with no MAC: https://github.com/meshbird/meshbird/blob/master/secure/cryp...

Should at least use a decent HMAC construction, but would be better to switch to AES-GCM. There's an issue filed for it: https://github.com/meshbird/meshbird/issues/4

miolini · on Feb 6, 2016

Yeah, AES-GCM is better choice for our Meshbird. I've posted AES benchmarks in GO into golang-dev mailgroup.

https://groups.google.com/forum/#!searchin/golang-dev/aes/go...

weitzj · on Feb 6, 2016

I think this is similar to zerotier.com And this just works