WireGuard最简配置|快速搭建

1.安装WireGuard

Debian/Ubuntu:

sudo apt install wireguard-tools

OpenSUSE/SUSE:

sudo zypper install wireguard

2.生成公钥和密钥

cd /etc/wireguard
wg genkey | tee privatekey | wg pubkey > publickey

3.编写配置文件vim wg0.conf，简单的来说就是交换对方的公钥

(以C-S来描述方便理解，但其实WireGuard不分客户端和服务器，统称为Peer)

服务器:

[Interface]
Address = 100.100.1.1/24                                                
ListenPort = 20010                                          #服务器监听端口
PrivateKey = mEy3IbPfLEdZRw/ZREzHnYmfJ49kb/Ec7iCj2+5OunU=   #服务器privatekey

[Peer]                                                         
AllowedIPs = 100.100.1.2/24
PublicKey = VmkDqEODoo/xHdAY78Hwmgb5fhWR0dL+vJW+HiW2hCs=    #客户端publickey

客户端:

[Interface]                                                       
Address = 100.100.1.2/24                                                
PrivateKey = CCD9L0USsg7mZia/rsXQw9+4vaYYKBV50TiBKA81T0w=   #客户端privatekey

[Peer]
PublicKey = 9t+eVdKOAWzPV1eeug4hveNZERQ8o/GA7DojBxgB/W4=    #服务器publickey
AllowedIPs = 100.100.1.1/24
Endpoint = 10.10.0.68:20010                                 #服务器地址和端口
PersistentKeepalive = 15                                    #保活建议设置(单位s)

4.启动接口

wireguard有比较方便的wg-quick实现。

sudo systemctl enable wg-quick@wg0                         #开机自启
sudo systemctl start wg-quick@wg0                          #启动接口

5.检查接口状态直接在终端键入wg