Wireguard
Using FreeBSD, poudriere all done and running, repositories pointing the right ways, this is easy. All I have to do is a simple
$ sudo pkg install -y wireguard
This gifts me the installation of two packages: wireguard-go, the main thing, and wireguard, which does have the /usr/local/bin/wg command, but more importantly, it has /usr/local/bin/wg-quick, which takes a ... kind of simple config file and feeds it to wg.
/usr/local/etc/wireguard/server.conf on the server, I've got the
192.168.3.170 is the server's IP on the tun interface with the listed peers.
[Interface]
PrivateKey = serverprivate
ListenPort = 51820
Address = 192.168.3.170/32

[Peer]
PublicKey = clientpublic
AllowedIPs = 192.168.3.171/32
PersistentKeepalive = 25
Very similar to the server, in
192.168.3.171 is the client's IP in the wireguard tunnel.
[Interface]
PrivateKey = clientprivate
Address = 192.168.3.171/32

[Peer]
PublicKey = serverpublic
Endpoint = 192.0.2.170:51820
AllowedIPs = 192.168.3.0/24
PersistentKeepalive = 25
192.0.2.170 is the IP of the listening server.
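
WireGuard only accepts a packet from a peer if its source address falls inside that peer's AllowedIPs, so each side's tunnel Address has to be covered by the AllowedIPs the other side lists. The following Python check is an added example, not part of the original post: it parses constructed copies of the two configs above (same placeholder keys) and verifies that pairing. The function names parse, nets and tunnel_addr_allowed are my own, and because the keys are placeholders it checks against any [Peer] rather than matching peers by public key.

```python
import ipaddress

# Constructed copies of the two configs on this page (placeholder keys as in the post).
SERVER_CONF = """\
[Interface]
PrivateKey = serverprivate
ListenPort = 51820
Address = 192.168.3.170/32

[Peer]
PublicKey = clientpublic
AllowedIPs = 192.168.3.171/32
PersistentKeepalive = 25
"""
CLIENT_CONF = """\
[Interface]
PrivateKey = clientprivate
Address = 192.168.3.171/32

[Peer]
PublicKey = serverpublic
Endpoint = 192.0.2.170:51820
AllowedIPs = 192.168.3.0/24
PersistentKeepalive = 25
"""

def parse(text):
    """Return (interface dict, list of peer dicts). [Peer] may repeat, so configparser is unsuitable."""
    iface, peers, cur = {}, [], None
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments and whitespace
        if line.lower() == "[interface]":
            cur = iface
        elif line.lower() == "[peer]":
            cur = {}
            peers.append(cur)
        elif "=" in line and cur is not None:
            key, value = line.split("=", 1)       # split once: base64 keys end in '='
            cur[key.strip().lower()] = value.strip()
    return iface, peers

def nets(value):
    """Parse a comma-separated AllowedIPs value into network objects."""
    return [ipaddress.ip_network(v.strip(), strict=False) for v in value.split(",") if v.strip()]

def tunnel_addr_allowed(local_conf, remote_conf):
    """True if some [Peer] in remote_conf has AllowedIPs covering every Address in local_conf."""
    iface, peers = parse(local_conf)[0], parse(remote_conf)[1]
    addrs = [ipaddress.ip_interface(a.strip()).ip for a in iface["address"].split(",")]
    return any(all(any(a in n for n in nets(p.get("allowedips", ""))) for a in addrs)
               for p in peers)
```

Run it against both directions: tunnel_addr_allowed(CLIENT_CONF, SERVER_CONF) and tunnel_addr_allowed(SERVER_CONF, CLIENT_CONF) should both be True before bringing the tunnel up with wg-quick.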