Re: Getting wg(4) NetBSD server to work with WireGuard(R) macOS client

[Paul W. Rankin <rnkn%rnkn.xyz@localhost>]

RVP <rvp%SDF.ORG@localhost> wrote:
> Is this a verbatim transcript, because:
> 
> > On the NetBSD server:
> >
> > 	# (umask 0077; wg-keygen > /etc/wg0)
> > 	# wg-keygen --pub < /etc/wg/wg0 > /etc/wg/wg0.pub
> >
> 
> 1) the file paths don't match...
> 
> > 	# cat /etc/wg0.pub
> > 	1WaiYse6arup/pNqos7CyvtsTm6O8PN+/s/6UZdk0kc=
> > [...]
> > 	# wgconfig wg0 add peer sevastopol \
> > 		1WaiYse6arup/pNqos7CyvtsTm6O8PN+/s/6UZdk0kc= \
> > 		--allowed-ips=10.2.0.42/32
> >
> 
> and,
> 
> 2) it should be the other side's pubkey, not the server's own.

Right, good catch, but this is unfortunately just me making stupid
mistakes copying things down from the server to my mail client.

Here's the actual:

Server's pub key:

starbeastie:~ $ cat /etc/wg0.pub
1XZAdwI24HXmICY6wJ7YI00bo+h8qd4KysLFMTgiKDc=

Client's pub key:

starbeastie:~ $ wgconfig wg0
interface: wg0
        private-key: (hidden)
        listen-port: 9443
        peer: sevastopol
                public-key: 8Oe88+HZAJ39RePuIcw3OQjQtC+onX0/lXk2rxC9HUw=
                endpoint: 1.146.105.131:3090
                preshared-key: (hidden)
                allowed-ips: 192.168.10.0/24
                latest-handshake: Sun Jan 12 13:27:09 2025

Thanks,

-- 
Paul W. Rankin
https://rnkn.xyz