Skip to main content

Server

Create WireGuard server

Create

Set temporary permission for new files:

umask 077

Create the keys:

wg genkey > /etc/wireguard/privkey
wg pubkey < /etc/wireguard/privkey > /etc/wireguard/pubkey

Create the config file:

nano /etc/wireguard/wg0.conf
[Interface]
Address = 10.10.10.1/24
ListenPort = 51820
SaveConfig = True
PrivateKey = ...

Start:

wg-quick up wg0

Enable:

systemctl enable wg-quick@wg0

Add Peer

Stop WireGuard before editing wg0.conf!

Append to wg0.conf:

nano /etc/wireguard/wg0.conf
[Peer]
AllowedIPs = 10.10.10.2/32
PublicKey = ...
PresharedKey = ...