Jason A. Donenfeld Jason at zx2c4.com
Wed Jun 24 08:07:22 CEST 2020- Previous message (by thread): [ANNOUNCE] wireguard-linux-compat v1.0.20200623 released
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi everyone,
With WireGuard now being enabled on OpenBSD's -current snapshot builds,
it's pretty easy to try it out on the platform. This email describes two
options for doing in the context of basic VPS providers or personal
machines.
Method A) From an existing OpenBSD install
If you already have an OpenBSD install -- perhaps your VPS provider
supports it as an auto install -- things are pretty easy:
1. Use sysupgrade(8) to upgrade to the latest snapshot as root:
# sysupgrade -s
2. After it installs and it reboots, install wg(8) and wg-quick(8) as
root:
# pkg_add wireguard-tools
3. Now you can use wg(8) and wg-quick(8), in addition to ifconfig(8).
Method B) From an existing Linux install
You probably already have a Linux install -- or most likely your VPS
provider will have any number of Linux distros out of the box -- in
which case you can easily overwrite that Linux install with an OpenBSD
install.
1. Download the miniroot installer:
$ curl -OJL <a href="https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/miniroot67.img">https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/miniroot67.img</a>
2. Write the installer to your hard drive, which is usually either vda,
sda, hda, or nvme0n1. One of these commands will work, and the other
three will fail:
$ sudo dd if=miniroot67.img of=/dev/vda
$ sudo dd if=miniroot67.img of=/dev/sda
$ sudo dd if=miniroot67.img of=/dev/hda
$ sudo dd if=miniroot67.img of=/dev/nvme0n1
After one of those succeeds, this step is complete.
3. Reboot the machine, and connect to its serial port. Most VPS
providers have an option called "launch console" or similar. You'll see
the OpenBSD installer. Most of the defaults should suit you fine, and
there are any number of online manuals on installing OpenBSD.
4. When the installed system boots, install wg(8) and wg-quick(8) as
root:
# pkg_add wireguard-tools
5. Now you can use wg(8) and wg-quick(8), in addition to ifconfig(8).
Sidenote) Updating wireguard-go scripts to use the new wg(4) kernel
driver
If you've already been using WireGuard with OpenBSD, it's via
wireguard-go. The big recent news is that a new native WireGuard
implementation, wg(4), is now baked into the OpenBSD kernel, and
userland utilities like ifconfig(8) and tcpdump(8) support it too. From
a tooling perspective, however, very little should change: recent
versions of wg(8) and wg-quick(8) support WireGuard using the exact same
semantics as before, with these two exceptions:
1. Instead of running `wireguard-go tun0` to create a tunnel manually,
you now run `ifconfig wg0 create`.
2. Instead of referring to the WireGuard interface as "tunX", it's now
"wgX".
Other than those two things, all scripts and commands should behave
identically.
Please let us know if you run into any bugs or other headaches. Thanks
in advance for your testing and feedback.
Enjoy!
Jason
- Previous message (by thread): [ANNOUNCE] wireguard-linux-compat v1.0.20200623 released
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
