« Wireguard » : différence entre les versions
Aucun résumé des modifications |
Aucun résumé des modifications |
||
| Ligne 1 : | Ligne 1 : | ||
== Commandes = | === Commandes === | ||
Démarrer l'interface : | Démarrer l'interface : | ||
<syntaxhighlight lang="bash" line copy> | <syntaxhighlight lang="bash" line copy> | ||
| Ligne 46 : | Ligne 43 : | ||
<syntaxhighlight lang="bash" line copy> | <syntaxhighlight lang="bash" line copy> | ||
sudo watch -n 1 wg show wg0 | sudo watch -n 1 wg show wg0 | ||
</syntaxhighlight> | |||
=== Générer paire de clés pour un client === | |||
<syntaxhighlight lang="bash" line copy> | |||
wg genkey | tee client1.key | wg pubkey > client1.pub | |||
</syntaxhighlight> | |||
=== ajouter une PresharedKey (PSK) à un peer === | |||
<syntaxhighlight lang="bash" line> | |||
mkdir -p /etc/wireguard/keys | |||
chmod 700 /etc/wireguard/keys | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="bash" line> | |||
wg genpsk | tee /etc/wireguard/keys/client1.psk | |||
chmod 600 /etc/wireguard/keys/client1.psk | |||
</syntaxhighlight> | |||
👉 récupère la clé : | |||
<syntaxhighlight lang="bash" copy> | |||
cat /etc/wireguard/keys/client1.psk | |||
</syntaxhighlight> | |||
1. Modifier ton `wg0.conf` (serveur) | |||
<syntaxhighlight lang="bash" copy> | |||
nano /etc/wireguard/wg0.conf | |||
</syntaxhighlight> | |||
Ajoute dans le peer concerné : | |||
<syntaxhighlight lang="bash" line> | |||
[Peer] | |||
PublicKey = CLIENT_PUBLIC_KEY | |||
PresharedKey = TA_PSK_ICI | |||
</syntaxhighlight> | |||
2. Ajouter la PSK côté client | |||
<syntaxhighlight lang="bash" copy> | |||
nano /etc/wireguard/client1.conf | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="bash" line> | |||
[Peer] | |||
PublicKey = SERVER_PUBLIC_KEY | |||
PresharedKey = TA_PSK_ICI | |||
</syntaxhighlight> | </syntaxhighlight> | ||