- cross-posted to:
- lemmy_support@lemmy.ml
- i2p@lemmy.world
- cross-posted to:
- lemmy_support@lemmy.ml
- i2p@lemmy.world
I’ve been accessing my servers over Yggdrasil for the last few years and I never see it mentioned in self hosting communities, so here you go !
Yggdrasil works over IPv6 and brings encryption at the network interface level (similarly to a VPN). The cool thing is that your IP address is derived from your private key, so when you try to connect to a specific IP, your packets are encrypted so that ONLY the destination server can decrypt it (thus preventing MITM attacks). And as everything is encrypted at the NIC level, you can safely use plain text protocols ;)
How cool is that ?
this sounds a lot like part of how cloudflares tunnel works. me like!
I never used CF tunnels, but from the descriptions I read, it seem to serve a very different purpose. Yggdrasil will just connect your server to an overlay network that’s fully encrypted (but public). If you expose services over Yggdrasil, your server will be directly exposed on the network, you just get full encryption as a bonus. Cloudfare on the other hand will “shift” your server access to their own server, and redirect traffic internally to your server over a secure channel. This means that your server is not publicly accessible.