Wirguard Bestpractice: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→Client) |
|||
| (6 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 7: | Zeile 7: | ||
*PUBKEY=$(echo $PRIVKEY | wg pubkey) | *PUBKEY=$(echo $PRIVKEY | wg pubkey) | ||
*echo $PUBKEY | *echo $PUBKEY | ||
| + | vDr02dlHQ/yqL1YQkzS8hLz3GBLi/DO+H3PLIafRSUs= | ||
| + | |||
==Gemeinsamer Schlüssel== | ==Gemeinsamer Schlüssel== | ||
| − | + | *PSK=$(wg genpsk) | |
| − | + | *echo $PSK | |
| − | *wg genpsk | + | SpjieF6COy8xh2SdmTodRutgtRxAo3UPBRM0j9sM8AY= |
| − | * | ||
| − | |||
| − | |||
| − | |||
| − | |||
=Server= | =Server= | ||
;Es wird an allen Interfaces auf 51821 gelauscht | ;Es wird an allen Interfaces auf 51821 gelauscht | ||
| + | *cat /etc/wireguard/wg0.conf | ||
<pre> | <pre> | ||
[Interface] | [Interface] | ||
| Zeile 37: | Zeile 35: | ||
AllowedIPs = 10.255.44.61/32 | AllowedIPs = 10.255.44.61/32 | ||
</pre> | </pre> | ||
| + | *systemctl status wg-quick@wg0.service --enable | ||
=Client= | =Client= | ||
| + | *cat /etc/wireguard/wg0.conf | ||
<pre> | <pre> | ||
[Interface] | [Interface] | ||
| Zeile 49: | Zeile 49: | ||
#Gemeinsamer Schlüssel | #Gemeinsamer Schlüssel | ||
PresharedKey = ZZZZZ | PresharedKey = ZZZZZ | ||
| − | Endpoint = | + | Endpoint = x.y.s.d:51821 |
PersistentKeepalive = 15 | PersistentKeepalive = 15 | ||
AllowedIPs = 10.255.44.0/23 | AllowedIPs = 10.255.44.0/23 | ||
</pre> | </pre> | ||
| + | |||
| + | =Manuelles starten und stoppen= | ||
| + | *sudo wg-quick up wg0 | ||
| + | *sudo wg-quick down wg0 | ||
Aktuelle Version vom 22. Oktober 2023, 13:08 Uhr
Schlüsselgenerierung
Privater Schlüssel
- PRIVKEY=$(wg genkey)
- echo $PRIVKEY
8GW6pdwT+mZaUA2EZYGHJdbK7QuWmHhig/zPptIMmHw=
Öffentlicher Schlüssel
- PUBKEY=$(echo $PRIVKEY | wg pubkey)
- echo $PUBKEY
vDr02dlHQ/yqL1YQkzS8hLz3GBLi/DO+H3PLIafRSUs=
Gemeinsamer Schlüssel
- PSK=$(wg genpsk)
- echo $PSK
SpjieF6COy8xh2SdmTodRutgtRxAo3UPBRM0j9sM8AY=
Server
- Es wird an allen Interfaces auf 51821 gelauscht
- cat /etc/wireguard/wg0.conf
[Interface] #Virtuelle Adresse Address = 10.255.44.254/24 ListenPort = 51821 #Privater Schlüssel des Servers PrivateKey = XXXXX MTU = 1400 PostUp = PostDown = [Peer] #Öffentlicher Schlüssel des Clients PublicKey = YYYYY #Gemeinsamer Schlüssel PresharedKey = ZZZZZ AllowedIPs = 10.255.44.61/32
- systemctl status wg-quick@wg0.service --enable
Client
- cat /etc/wireguard/wg0.conf
[Interface] Address = 10.255.44.3/24 #Privater Schlüssel des Clients PrivateKey = WWWWW [Peer] #Öffentlicher Schlüssel des Servers PublicKey = VVVVV #Gemeinsamer Schlüssel PresharedKey = ZZZZZ Endpoint = x.y.s.d:51821 PersistentKeepalive = 15 AllowedIPs = 10.255.44.0/23
Manuelles starten und stoppen
- sudo wg-quick up wg0
- sudo wg-quick down wg0