| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c362619a-4219-ce2b-093f-c3e71b295922@thelounge.net> Date: Mon, 30 Mar 2020 20:23:46 +0200 From: Reindl Harald <h.reindl@...lounge.net> To: Randy Dunlap <rdunlap@...radead.org>, netdev@...r.kernel.org Subject: Re: 5.6: how to enable wireguard in "make menuconfig" Am 30.03.20 um 19:10 schrieb Randy Dunlap: > On 3/30/20 1:37 AM, Reindl Harald wrote: >> https://i.imgur.com/jcH9Xno.png >> https://www.wireguard.com/compilation/ >> >> crypto wise i have in the meantime enabled everything and the same in >> "networking options" >> >> but "IP: WireGuard secure network tunnel" still don#t appear anywhere :-( >> > > In menuconfig, go to Device Drivers and then > Network Device support. It should look like this: > > │ │ --- Network device support │ │ > │ │ [*] Network core driver support │ │ > │ │ < > Bonding driver support │ │ > │ │ < > Dummy net driver support │ │ > │ │ < > WireGuard secure network tunnel > > > but it requires Networking support and Network Devices and INET (TCP/IP) thanks, i figured it out in the meantime all the howtows with "Address" in [interface] like https://wiki.archlinux.org/index.php/WireGuard don't work figured that also out in my nested Vmware ESXi setup (firewall, clients, wan) within Vmware Workstation :-) seems to work like a charm with "ExecStart=/usr/sbin/ip route add 172.16.0.0/24 via 10.10.10.1 dev vpn-client" on the lcient side --------------------------- [Unit] Description=VPN Server After=network-up.service [Service] Type=oneshot RemainAfterExit=yes PrivateTmp=yes ProtectHome=yes ProtectSystem=strict ReadWritePaths=-/run ReadWritePaths=-/tmp ReadWritePaths=-/var/tmp ExecStart=/usr/sbin/ip link add vpn type wireguard ExecStart=/usr/sbin/ip addr add 10.10.10.1/255.255.255.0 dev vpn ExecStart=/usr/sbin/ip link set dev vpn up ExecStart=/usr/bin/wg addconf vpn /etc/wireguard/vpn-server.conf ExecStop=-/usr/sbin/ip link del vpn [Install] WantedBy=multi-user.target --------------------------- # HOWTO GENERATE KEYS: # umask 077; wg genkey | tee privatekey | wg pubkey > publickey # wg genpsk > preshared [Interface] ListenPort = 51000 PrivateKey = ****** [Peer] PublicKey = +7k1cHdFoo47OfZOsauj0b7gfL/CEIUbgcx4tJK77ls= AllowedIPs = 10.10.10.2/32 ---------------------------
Powered by blists - more mailing lists