* wg-quick: Read private key from file?
@ 2018-12-27 16:51 Rene 'Renne' Bartsch, B.Sc. Informatics
2018-12-27 17:11 ` Lonnie Abelbeck
2018-12-27 18:58 ` Samuel Holland
0 siblings, 2 replies; 3+ messages in thread
From: Rene 'Renne' Bartsch, B.Sc. Informatics @ 2018-12-27 16:51 UTC (permalink / raw)
To: wireguard
Hi,
does wg-quick allow to read the private key from a file instead of a .conf-file?
Regards,
Renne
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: wg-quick: Read private key from file?
2018-12-27 16:51 wg-quick: Read private key from file? Rene 'Renne' Bartsch, B.Sc. Informatics
@ 2018-12-27 17:11 ` Lonnie Abelbeck
2018-12-27 18:58 ` Samuel Holland
1 sibling, 0 replies; 3+ messages in thread
From: Lonnie Abelbeck @ 2018-12-27 17:11 UTC (permalink / raw)
To: Rene 'Renne' Bartsch, B.Sc. Informatics; +Cc: WireGuard mailing list
> On Dec 27, 2018, at 10:51 AM, Rene 'Renne' Bartsch, B.Sc. Informatics <ml@bartschnet.de> wrote:
>
> Hi,
>
> does wg-quick allow to read the private key from a file instead of a .conf-file?
>
> Regards,
>
> Renne
You could create a wg-quick-wrapper script that aggregates files from where-ever you like before it calls wg-quick and then cleans-up tmp files.
Or just re-write wg-quick to suit your needs.
Lonnie
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: wg-quick: Read private key from file?
2018-12-27 16:51 wg-quick: Read private key from file? Rene 'Renne' Bartsch, B.Sc. Informatics
2018-12-27 17:11 ` Lonnie Abelbeck
@ 2018-12-27 18:58 ` Samuel Holland
1 sibling, 0 replies; 3+ messages in thread
From: Samuel Holland @ 2018-12-27 18:58 UTC (permalink / raw)
To: Rene 'Renne' Bartsch, B.Sc. Informatics, wireguard
On 12/27/18 10:51, Rene 'Renne' Bartsch, B.Sc. Informatics wrote:
> does wg-quick allow to read the private key from a file instead of a .conf-file?
Yes, and the manual page wg-quick(8) even has an example of how to read the
private key from an external source:
Or, perhaps it is desirable to store private keys in encrypted form, such
as through use of pass(1):
PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)
If you want to use a file, just provide the filename, as in:
PostUp = wg set %i private-key /etc/wireguard/wg0.key
From the wg(8) manual page:
Both private-key and preshared-key must be a files, because command line
arguments are not considered private on most systems; but if you are using
bash(1), you may safely pass in a string by specifying as private-key or
preshared-key the expression: <(echo PRIVATEKEYSTRING).
There's no need to write additional wrapper scripts or anything like that.
If you weren't aware of those two manual pages, I suggest reading through both.
It will answer most of your questions :)
Hope that helps,
Samuel
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, back to index
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-27 16:51 wg-quick: Read private key from file? Rene 'Renne' Bartsch, B.Sc. Informatics
2018-12-27 17:11 ` Lonnie Abelbeck
2018-12-27 18:58 ` Samuel Holland
WireGuard Archive on lore.kernel.org
Archives are clonable:
git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
public-inbox-index wireguard
Newsgroup available over NNTP:
nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard
AGPL code for this site: git clone https://public-inbox.org/ public-inbox