Desktop 2022.2-beta1 missing Wireguard key menu

[mikamidd]

I assume this could be related to

Add device management to desktop app. This simplifies knowing which device is which and adds the option to log out other devices when there are already 5 connected when logging in.

On the beta build the menu to control Wireguard keys (check/regenerate) is missing so it's not possible to view/verify/regenerate Wireguard key in the desktop app.

Win10 21H2 19044.1645

[xerta555]

Hi

I had the same experience a little over a month ago with a completely different problem. I had tested one of the latest dev versions that was available at the time. For one of the Mullvad devs, it was normal and expected, because it is always possible to manage your keys on the Mullvad website directly by connecting to your account. It may seem confusing, especially if you open several ports on different servers for different devices, yes it is less intuitive.

Personally i willn't say no to recover this option in the desktop app.

[faern]

This is by design. The device concept removes the WireGuard key management view on purpose. A user should not need to see their cryptographical keys, that's very low level. The app should hide this complexity from the user. The app should be better than before at verifying it, so verifying it manually should no longer be needed either.

Regarding regenerating it, most users should not need to do that. The app automatically rotates the key every week. If you really need to manually rotate it at some point you can still do it with our CLI in a terminal:

$ mullvad tunnel wireguard key regenerate

We know it's a bit confusing now. But once the device concept goes live on stable we will update the website to show the device names there! So it will get better.

[xerta555]

If you really need to manually rotate it at some point you can still do it with our CLI in a terminal

Is there an equivalent for Windows users or it's an universal command?

But once the device concept goes live on stable we will update the website to show the device names there! So it will get better.

Niiiice 👍🏻

[faern]

Is there an equivalent for Windows users or it's an universal command?

The CLI is available on all desktop OSes. Just start your console (cmd.exe) and run the command I posted.

[hugalafutro]

Hi I'm a bit confused by this beta, I have this issue also, and although I do not need to see the key or the functionality that was in the key menu, I noticed it is missing while I was looking for the menu for this item from changelog - "Add device management to desktop app. This simplifies knowing which device is which and adds the option to log out other devices when there are already 5 connected when logging in." - Where is this Device management menu located?

Atm I do not have wireguard key menu nor can I find the device menu anywhere.

edit: I said I do not need the functionality of the key menu, but I need a way to know what key the device is using, which atm I am unable to find out.

[faern]

There is no device page. If you look at the account page under settings you will see the device name. This device name will later be presented on the website next to your wireguard keys. So a normal app user is not supposed to see their keys, only their device names. They can then (if they need to) match it to their keys on the website. But a normal user should never need to do this.

but I need a way to know what key the device is using

Why, exactly?

[hugalafutro]

For example when setting up port forwarding I need to know what key the device is using so I can assign/change the port on mullvad web page to correct device (although this should be non-issue once the app tells me name of device and the same appears on the web page as you say it will)

Also once in a blue moon (every 3 or so months) random one of my 5 devices regenerates key by itself, loses connection and needs the key deleted on mullvad web page so it can create new key - I have no idea how I would achieve this now as I can't see which device is which key so I wouldn;t know which key to delete on web page.

Basically on the last stable app I can look into the wireguard menu, then go to mullvad web and see which device it is, on latest beta I can't seem to find this info.

Sorry if I misunderstand something, English is not my 1st language and I'm not the most technical type.

[mikamidd]

This is by design.

Got it. I'm not against improved device management but can't say I agree with removing key controls from the GUI app though, personally I'd prefer to have more advanced features in the app instead of simplifying it. I don't really have any issues with using CLI and I already use it for some things that take longer to do in GUI anyway but still I feel like keys are essential part of WIreguard that shouldn't be removed/hidden.

In any case I suppose this answers the question so feel free to close the ticket when there's no more discussion.

[faern]

Also once in a blue moon (every 3 or so months) random one of my 5 devices regenerates key by itself, loses connection and needs the key deleted on mullvad web page so it can create new key - I have no idea how I would achieve this now as I can't see which device is which key so I wouldn;t know which key to delete on web page.

Hopefully this should be mitigated once the faulty app is upgraded to one that supports the device concept. Because this will allow apps to be less confused about the too many keys issue. They should more reliably be able to just upload new wg keys for their device slot.

Basically on the last stable app I can look into the wireguard menu, then go to mullvad web and see which device it is, on latest beta I can't seem to find this info.

Not yet. The website will soonish show the device names for all five wg key slots on the website!

[sharma]

I'd really appreciate it if you could preserve the GUI method of manually refreshing Wireguard keys. Between dual-booting Linux and Windows on a couple of PCs as well as on my laptop, phone and tablet, I frequently run up against the 5 device Wireguard key limit even though I'm only ever really using 1 or 2 active Mullvad connections at a time. I deal with that by deleting a Wireguard key here and there when I need to.

Therefore, the ability to manually regenerate a key to get back up and running again on a different device is crucial to me. I'd appreciate being able to manually regenerate Wireguard keys in the GUI if possible (although the ability to generate more than 5 Wireguard keys would be way better -- whilst still maintaining the 5 simultaneous device connection cap, of course!)

[faern]

Therefore, the ability to manually regenerate a key to get back up and running again on a different device is crucial to me.

You will be able to keep using more than five devices and re-add them to your account. But the flow will be different from before. Instead of going to the website to remove some keys and then push new keys from the app it will work like this:

When you log in on the sixth device it will tell you you have too many active devices. It will show you your five current device names. You can then log out one of the five devices directly in the app and continue to log in. You can now use the tunnel on this new sixth device. The device you logged out will display a message that it has been revoked, it will then take you back to the login view and you can log in again. The last used account number is stored, so it's just a matter of clicking on your account number.

So basically when you boot for example Linux, the app will tell you it's revoked, and you just click OK and click your account number on the login screen. Then you get to revoke another device directly in the app and on you go. The entire flow is handled within the app, and you don't need to navigate to deep advanced settings menus.

[sharma]

That sounds great, but just to confirm, there won't be any settings/configuration loss on the device being logged out when I log it back into Mullvad in the future?

[faern]

The device registration (device name and current WireGuard key) is the only thing that will be lost on logout. All other settings remain the same.

[sharma]

Awesome, thanks!

I just gave it a try and noticed that when you log back in and the app asks you which key to delete, the keys are displayed in alphabetical order by the names that you assigned them, rather than chronologically. This makes it more difficult to quickly know which key is which, especially compared to the Mullvad website where they're listed by date of creation.

Would it be possible to either/all:

1. List the keys chronologically rather than alphabetically in the app just like you do on the website so we know which was created most recently and is therefore the one we probably want to delete
2. Allow us to name the keys ourselves
3. Show in the list which keys have ports assigned to them, like the Mullvad site does

Any of these would make it much easier to quickly identify which keys we're dealing with.

Thanks again!

[faern]

Thanks for the feedback! Yes, the sorting of the devices is a relevant point you are bringing up. We'll look at maybe sorting them by creation date in the app also. It will not be possible to set your own names, I'll explain in more detail in an upcoming blog post.

[faern]

The keys are now sorted chronologically. I will close this issue as everything works as intended. See https://mullvad.net/en/blog/2022/6/13/introducing-names-for-easier-device-management/ for more details