59 lines
1.2 KiB
Org Mode
59 lines
1.2 KiB
Org Mode
|
* Wireguard Quick Start
|
||
|
|
|
||
|
|
https://www.wireguard.com/quickstart/
|
||
|
|
|
||
|
|
Level 3 VPN Protocol.
|
||
|
|
Designed for Linux (works on BSD, MacOS and Windows too).
|
||
|
|
Network Interface as most basic foundation of operation.
|
||
|
|
|
||
|
|
** Linux CLI
|
||
|
|
|
||
|
|
Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4
|
||
|
|
|
||
|
|
*** Setup the Interface
|
||
|
|
|
||
|
|
#+begin_src bash
|
||
|
|
# ip link add dev wg0 type wireguard
|
||
|
|
# ip address add dev wg0 10.1.0.2/24
|
||
|
|
# ip address add dev wg0 10.1.0.2 peer 10.1.0.1
|
||
|
|
#+end_src
|
||
|
|
|
||
|
|
*** Create Keys
|
||
|
|
|
||
|
|
#+begin_src bash
|
||
|
|
$ umask 077
|
||
|
|
$ wg genkey > privatekey
|
||
|
|
$ wg pubkey < privatekey > publickey
|
||
|
|
#+end_src
|
||
|
|
|
||
|
|
or just
|
||
|
|
|
||
|
|
#+begin_src bash
|
||
|
|
$ wg genkey | tee privatekey | wg pubkey > publickey
|
||
|
|
#+end_src
|
||
|
|
|
||
|
|
*** Add Peer To Server
|
||
|
|
|
||
|
|
#+begin_src bash
|
||
|
|
# add peer
|
||
|
|
wg set wg0 peer <client_pubkey> allowed-ips 10.0.0.x/32
|
||
|
|
|
||
|
|
# verify connection
|
||
|
|
wg
|
||
|
|
|
||
|
|
# save to config
|
||
|
|
wg-quick save wg0
|
||
|
|
#+end_src
|
||
|
|
|
||
|
|
*** Start/Stop Interface
|
||
|
|
|
||
|
|
#+begin_src bash
|
||
|
|
# Start/stop interface
|
||
|
|
wg-quick up wg0
|
||
|
|
wg-quick down wg0
|
||
|
|
|
||
|
|
# Start/stop service
|
||
|
|
$ sudo systemctl stop wg-quick@wg0.service
|
||
|
|
$ sudo systemctl start wg-quick@wg0.service
|
||
|
|
#+end_src
|