Updated old docs articles
This commit is contained in:
parent
fd5e65b5c3
commit
58f146440a
GPG key ID:
F92E51B86E07177E
2 changed files with 52 additions and 15 deletions
|
|
@ -11,9 +11,27 @@ tags:
|
|||
|
||||
This article explains how to configure wireguard on Gentoo.
|
||||
|
||||
## Configuration example
|
||||
## Installation
|
||||
|
||||
Here is a `/etc/wireguard/wg0.conf` configuration example to create a tunnel listening on udp port 342 and a remote peers :
|
||||
```sh
|
||||
emerge net-vpn/wireguard-tools -q
|
||||
```
|
||||
|
||||
You will also need to set `CONFIG_WIREGUARD=y` in your kernel configuration.
|
||||
|
||||
## Generating keys
|
||||
|
||||
The private and public keys for a host can be generated with the following commands:
|
||||
```sh
|
||||
PRIVATE_KEY=`wg genkey`
|
||||
PUBLIC_KEY=`printf $PRIVATE_KEY|wg pubkey`
|
||||
echo private_key: $PRIVATE_KEY
|
||||
echo public_key: $PUBLIC_KEY
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
||||
Here is a configuration example of my `/etc/wireguard/wg0.conf` that creates a tunnel listening on udp port 342 and has one remote peer:
|
||||
```cfg
|
||||
[Interface]
|
||||
PrivateKey = MzrfXLmSfTaCpkJWKwNlCSD20eDq7fo18aJ3Dl1D0gA=
|
||||
|
|
@ -27,7 +45,9 @@ AllowedIPs = 10.1.2.9/32
|
|||
PersistentKeepalive = 60
|
||||
```
|
||||
|
||||
Your private key goes on the first line as argument to `wgkey`, the other keys are public keys for each peer. In this example I setup a client that can be hidden behind nat therefore I configure a `PersistentKeepalive`. If your host has a public IP this line is not needed.
|
||||
To implement this example you will need to generate two sets of keys. The configuration for the first server will feature the first server's private key in the `[Interface]` section and the second server's public key in the `[Peer]` section, and vice versa for the configuration of the second server.
|
||||
|
||||
This example is from a machine that can be hidden behind nat therefore I configure a `PersistentKeepalive`. If your host has a public IP this line is not needed.
|
||||
|
||||
To activate the interface configuration, use :
|
||||
```sh
|
||||
|
|
@ -39,11 +59,6 @@ rc-update add wg-quick.wg0 default
|
|||
|
||||
## Administration
|
||||
|
||||
Private keys can be generated with the following command :
|
||||
{{< highlight sh >}}
|
||||
openssl rand -base64 32
|
||||
{{< /highlight >}}
|
||||
|
||||
The tunnel can be managed with the `wg` command:
|
||||
```sh
|
||||
root@hurricane:~# wg
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue