Installing WireGuard
This worked on Ubuntu 20.04.
    sudo apt install wireguard
    umask 077  # key files are created readable by the owner only
    wg genkey | tee server_private_key | wg pubkey > server_public_key
Create a file named wg0.conf:
    editor wg0.conf
and add
    [Interface]
    PrivateKey = <private key of the server (the content of the server_private_key file)>
    Address = 10.0.0.1/24
    ListenPort = 51820
    chmod 600 server_public_key server_private_key wg0.conf
    # Note: at this point the files are still owned by user sagar, but hopefully that is okay?
    sudo mv server_private_key server_public_key wg0.conf /etc/wireguard/

    sudo systemctl enable --now wg-quick@wg0
    sudo wg  # check that the wg0 interface is up
On the client, i.e. the local computer:
    umask 077  # key files are created readable by the owner only
    wg genkey | tee client_private_key | wg pubkey > client_public_key
As on the server, create a file named wg0.conf:
    editor wg0.conf
and add
    [Interface]
    PrivateKey = <client_private_key>
    Address = 10.0.0.2/24

    [Peer]
    PublicKey = <server_public_key>
    Endpoint = <server_public_ip>:51820
    AllowedIPs = 10.0.0.1/24
Note: The AllowedIPs line tells the Linux kernel, “If traffic is going to that IP, then route it through WireGuard”.
    chmod 600 client_public_key client_private_key wg0.conf
    sudo mv client_public_key client_private_key wg0.conf /etc/wireguard
    sudo systemctl enable --now wg-quick@wg0
Now go to the server and add the following [Peer] section to the server’s wg0.conf, so that the complete file contents are
    [Interface]
    PrivateKey = <private key of the server (the content of the server_private_key file)>
    Address = 10.0.0.1/24
    ListenPort = 51820

    [Peer]
    PublicKey = <public key of the client>
    AllowedIPs = 10.0.0.2/24
Then, on the server, issue the command
    sudo systemctl restart wg-quick@wg0
At this point, you should be able to see the peer with the sudo wg command. If the peer is not listed, something is wrong, probably with the keys.
Now the client should be able to ping the WireGuard server with ping 10.0.0.1
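
On the server, a peer's AllowedIPs is also the list of source addresses accepted from that peer, and WireGuard stores 10.0.0.2/24 as the network 10.0.0.0/24, so a second peer written the same way would claim the same range. The audit script below is an added example, not part of the original notes; the second peer and the placeholder keys in its sample config are constructed for illustration.

```python
import ipaddress

# Constructed sample: this page's server wg0.conf plus a hypothetical second peer.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <server_private_key>
Address = 10.0.0.1/24
ListenPort = 51820
[Peer]
PublicKey = <client_a_public_key>
AllowedIPs = 10.0.0.2/24
[Peer]
PublicKey = <client_b_public_key>
AllowedIPs = 10.0.0.3/24
"""

def parse_peers(text):
    """Return [[public_key, [allowed_ip, ...]], ...], one entry per [Peer] section."""
    peers, in_peer = [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.startswith("["):
            in_peer = line.lower() == "[peer]"
            if in_peer:
                peers.append(["", []])
            continue
        # Split on the first '=' only, so base64 keys keep their padding.
        key, _, value = (part.strip() for part in line.partition("="))
        if in_peer and key.lower() == "publickey":
            peers[-1][0] = value
        elif in_peer and key.lower() == "allowedips":
            peers[-1][1] += [v.strip() for v in value.split(",") if v.strip()]
    return peers

def audit(text):
    """Flag AllowedIPs with host bits set and ranges claimed by two peers."""
    findings, seen = [], []
    for key, ips in parse_peers(text):
        for ip in ips:
            net = ipaddress.ip_network(ip, strict=False)   # normalized network
            if ipaddress.ip_interface(ip).ip != net.network_address:
                findings.append(("host-bits", key, ip, str(net)))
            for other_key, other in seen:
                if other_key != key and other.version == net.version and other.overlaps(net):
                    findings.append(("overlap", key, other_key, str(net)))
            seen.append((key, net))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_CONF), sep="\n")
```

Writing each server-side peer as a single address (for example 10.0.0.2/32) clears both kinds of finding.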