[prev in list] [next in list] [prev in thread] [next in thread]
List: wireguard
Subject: Re: wg-quick: Read private key from file?
From: Samuel Holland <samuel () sholland ! org>
Date: 2018-12-27 18:58:52
Message-ID: e515967c-f879-656c-f4d6-58c4a4a8cf1e () sholland ! org
[Download RAW message or body]
On 12/27/18 10:51, Rene 'Renne' Bartsch, B.Sc. Informatics wrote:
> does wg-quick allow to read the private key from a file instead of a .conf-file?
Yes, and the manual page wg-quick(8) even has an example of how to read the
private key from an external source:
Or, perhaps it is desirable to store private keys in encrypted form, such
as through use of pass(1):
PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)
If you want to use a file, just provide the filename, as in:
PostUp = wg set %i private-key /etc/wireguard/wg0.key
From the wg(8) manual page:
Both private-key and preshared-key must be a files, because command line
arguments are not considered private on most systems; but if you are using
bash(1), you may safely pass in a string by specifying as private-key or
preshared-key the expression: <(echo PRIVATEKEYSTRING).
There's no need to write additional wrapper scripts or anything like that.
If you weren't aware of those two manual pages, I suggest reading through both.
It will answer most of your questions :)
Hope that helps,
Samuel
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic