Setting up WireGuard on Ubuntu

Micro tutorial to use the built-in VPN for Linux

WireGuard is a modern, secure VPN protocol that is both simple to set up and easy to use. In this article, we will walk through the steps of setting up a WireGuard VPN server and client on Ubuntu Linux.

Step 1: Install WireGuard

To start, we will need to install the WireGuard software on both the server and the client machines. On Ubuntu, this can be done by running the following command in the terminal:

sudo apt-add-repository -y ppa:wireguard/wireguard 
sudo apt-get update 
sudo apt-getinstall wireguard

Step 2: Generate Server Key Pair

Next, we will need to generate a key pair for the server. This can be done by running the following command on the server:

wg genkey | tee server-private.key | wg pubkey > server-public.key

This will generate two files, server-private.key and server-public.key, which contain the private and public keys for the server, respectively.

Step 3: Generate Client Key Pair

Similarly, we will need to generate a key pair for the client. This can be done by running the following command on the client:

wg genkey | tee client-private.key | wg pubkey > client-public.key

This will generate two files, client-private.key and client-public.key, which contain the private and public keys for the client, respectively.

Step 4: Configure Server

With the key pairs generated, we can now configure the server. Create a new file called wg0.conf in the /etc/wireguard/ directory on the server and add the following contents:

[Interface] 
Address = 10.0.0.1/24 
SaveConfig = true 
PrivateKey = <server-private.key> 

[Peer] 
PublicKey = <client-public.key> 
AllowedIPs = 10.0.0.2/32

Replace <server-private.key> with the contents of the server-private.key file and <client-public.key> with the contents of the client-public.key file.

Step 5: Configure Client

Now we can configure the client by creating a new file called wg0.conf in the /etc/wireguard/ directory on the client and add the following contents:

[Interface] 
Address = 10.0.0.2/24 
PrivateKey = <client-private.key> 

[Peer] 
PublicKey = <server-public.key> 
Endpoint = <server-ip-address>:51820 
AllowedIPs = 0.0.0.0/0, ::/0

Replace <client-private.key> with the contents of the client-private.key file, <server-public.key> with the contents of the server-public.key file, and <server-ip-address> with the IP address of the server.

Step 6: Start the VPN

Now, we need to start the WireGuard service on both the server and the client. On the server, run the following commands:

sudo systemctl start wg-quick@wg0

On the client, run the following commands:

sudo systemctl enable wg-quick@wg0.service
sudo systemctl daemon-reload
sudo systemctl start wg-quick@wg0