# echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list # echo -e "Package: *\nPin: release a=unstable\nPin-Priority: 150\n" > /etc/apt/preferences.d/limit-unstable # apt-get update && apt-get install wireguard-dkms wireguard-tools # modprobe wireguard && lsmod | grep wireguard
Host A
root@hosta # wg genkey > privateA root@hosta # wg pubkey < privateA > publicA
Host B
root@hostb # wg genkey > privateB root@hostb # wg pubkey < privateB > publicB
Link-Network: 172.24.0.0/30 HostA: 172.24.0.1/30 HostB: 172.24.0.2/30
Host A
root@hosta # cat /etc/wireguard/wg0.conf # HostA - HostB [Interface] Address = 172.24.0.1/30 PrivateKey = <contents of privateA> ListenPort = 51820 [Peer] PublicKey = <contents of publicB> AllowedIPs = 172.24.0.2/32
Host B
root@hostb # cat /etc/wireguard/wg0.conf # HostB - HostA [Interface] Address = 172.24.0.2/30 PrivateKey = <contents of privateB> ListenPort = 51820 [Peer] PublicKey = <contents of publicA> AllowedIPs = 172.24.0.1/32 # Uncomment if HostB is behind NAT Router # PersistentKeepAlive = 25
Issue on both hosts
root@hosta # wg-quick up wg0 root@hostb # wg-quick up wg0
Host A
root@hosta # wg interface: wg0 public key: PUBLIC-KEY-A private key: (hidden) listening port: 51820 peer: PUBLIC-KEY-B endpoint: 185.69.244.140:25920 allowed ips: 172.24.0.2/32 latest handshake: 1 minute, 44 seconds ago transfer: 2.80 MiB received, 1.09 MiB sent
Host B
root@hostb # wg interface: wg0 public key: PUBLIC-KEY-B private key: (hidden) listening port: 51820 peer: PUBLIC-KEY-A endpoint: 144.76.72.57:51820 allowed ips: 172.24.0.1/32 latest handshake: 21 seconds ago transfer: 1006.68 KiB received, 2.57 MiB sent persistent keepalive: every 25 seconds