mirror of
https://github.com/kevinveenbirkenbach/client-playbook.git
synced 2024-12-29 01:15:04 +01:00
.. | ||
handlers | ||
tasks | ||
README.md |
Role Native Wireguard
Manages wireguard on a client.
Create Client Keys
wg_private_key="$(wg genkey)"
wg_public_key="$(echo "$wg_private_key" | wg pubkey)"
echo "PrivateKey: $wg_private_key"
echo "PublicKey: $wg_public_key"
echo "PresharedKey: $(wg genpsk)"
Debug
RTNETLINK answers: Permission denied
When systemctl restart wg-quick@wg0.service
returns RTNETLINK answers: Permission denied, modify /etc/sysctl.conf:
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
Afterwards reload:
sysctl -p
systemctl restart wg-quick@wg0.service
SSH
When the SSH connection over wireguard is buggy try:
ip li set mtu 1400 dev eth0
ip li set mtu 1400 dev wlo1
This can be connected to the MTU
Other
- https://golb.hplar.ch/2019/01/expose-server-vpn.html
- https://wiki.archlinux.org/index.php/WireGuard
- https://wireguard.how/server/raspbian/
- https://www.scaleuptech.com/de/blog/was-ist-und-wie-funktioniert-subnetting/
- https://bodhilinux.boards.net/thread/450/wireguard-rtnetlink-answers-permission-denied
- https://stackoverflow.com/questions/69140072/unable-to-ssh-into-wireguard-ip-until-i-ping-another-server-from-inside-the-serv
- https://unix.stackexchange.com/questions/717172/why-is-ufw-blocking-acces-to-ssh-via-wireguard
- https://forum.openwrt.org/t/cannot-ssh-to-clients-on-lan-when-accessing-router-via-wireguard-client/132709/3
- https://serverfault.com/questions/1086297/wireguard-connection-dies-on-ubuntu-peer
- https://unix.stackexchange.com/questions/624987/ssh-fails-to-start-when-listenaddress-is-set-to-wireguard-vpn-ip
- https://serverfault.com/questions/210408/cannot-ssh-debug1-expecting-ssh2-msg-kex-dh-gex-reply