There can only be so many different server config combinations for algorithm, crypto mode, key size etc, so it would be trivial to have a bot try several combinations and nail your setup on the 5th try or whatever, especially if you selected “standard good” setups, which you should if you’re opening a port.
But overall it will weaken the protocol and there is a risk, even if it’s small, of a downgrade attack being discovered. Simply by having options means that it’s possible to trick the server or force it into a more vulnerable state. You can’t get rid of that except by completely removing the options in the first place because there will be literally nothing to downgrade to.
WG just isn’t into that risk. It’s cool if you want it and I won’t say you’re wrong in general because everyone has their preferences and makes trade-offs to set things up the way that they want, but in this particular context it goes against the design principles of WG by introducing complexity and risk, which is not what it’s about. There’s many other options if that’s what you’re looking for, and a lot of them are just as great/secure.
There can only be so many different server config combinations for algorithm, crypto mode, key size etc, so it would be trivial to have a bot try several combinations and nail your setup on the 5th try or whatever, especially if you selected “standard good” setups, which you should if you’re opening a port.
But overall it will weaken the protocol and there is a risk, even if it’s small, of a downgrade attack being discovered. Simply by having options means that it’s possible to trick the server or force it into a more vulnerable state. You can’t get rid of that except by completely removing the options in the first place because there will be literally nothing to downgrade to.
WG just isn’t into that risk. It’s cool if you want it and I won’t say you’re wrong in general because everyone has their preferences and makes trade-offs to set things up the way that they want, but in this particular context it goes against the design principles of WG by introducing complexity and risk, which is not what it’s about. There’s many other options if that’s what you’re looking for, and a lot of them are just as great/secure.