Refer to this article
for a brief overview, prerequisites, and server details. Ensure you run all commands as the root
user.
Generate keys
Each server requires a unique public/private key pair to establish identity and secure connections. Run the following commands to create the required files:
(umask 0077; wg genkey | sudo tee /etc/wireguard/privatekey | wg pubkey | sudo tee /etc/wireguard/publickey)
wg genpsk # Generates a preshared key for Peer A (adds an extra layer of encryption)
Create configuration file
Create a configuration for the new interface. In Wireguard, the configuration file’s name determines the interface name. For example, if you create /etc/wireguard/wg0.conf
, the interface will be named wg0
.