feature request: content encryption

erebe / wstunnel

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

BSD 3-Clause "New" or "Revised" License

4.06k stars 354 forks source link

feature request: content encryption #105

Closed waclaw66 closed 2 years ago

waclaw66 commented 2 years ago

Could you please add possibility to encrypt websocket messages. Reasoning is that content of messages can be compromised by e.g. corporate proxy which requires own certificate to decrypt https content. It can be achieved for example by TLS certificate that can be also useful for user authentication.

erebe commented 2 years ago

Hello, The point of wstunnel is not to protect the content of your traffic (like a VPN) it is merely to allow you to create a tunnel/network path across firewalls/proxies. If you want to protect your data, you should look into using ssh -D or wireguard above wstunnel

waclaw66 commented 2 years ago

I know, but both of ssh or VPN have some disadvantages, OpenSSH uses an unencrypted initial magic (packet analyzer recognizes it) and VPN needs virtual network adapter (not possible on corporate computers).