I suspect the answer is "no", but still:
In WireGuard [1], there's a concept of private and public keys for peers; public key derives from a private one and connection between two parties can be established only when keys match. Let's say we have two peers A and B. To connect them, they each have to:
- generate private key;
- generate public key using private one from previous step;
- share public key with other party.
Their configuration will look like this:

peer A:

```
[Interface]
PrivateKey = <private key of A>
[Peer]
PublicKey = <public key of B>
```

peer B:

```
[Interface]
PrivateKey = <private key of B>
[Peer]
PublicKey = <public key of A>
```

This is very straightforward and creates one-to-one connection.
Now, let's say we have a set of peers N, each with their own private/public keypair. There's also peer Z, which shared its public key with everyone in N, so Z can connect to any of N without issue (with relevant config change of `[Peer]` section).
Is it possible to do something like that for Z:

```
[Interface]
PrivateKey = <private key of Z>
[Peer]
PublicKey = f(N1, N2, ...Ni)
```

Where `f(...)` is a function which "combines" all public keys in the set N, thus allowing Z to connect to any from N without configuration changes?

[1] https://www.wireguard.com/protocol/