naggie / dsnet

FAST command to manage a centralised wireguard VPN. Think wg-quick but quicker: key generation + address allocation.
https://calbryant.uk/blog/how-to-set-up-a-wireguard-vpn-in-minutes-with-dsnet/
MIT License

User keys #77

Closed xxxserxxx closed 2 years ago

xxxserxxx commented 2 years ago

Here's another one. This adds the ability to accept user-supplied private keys. Why? Because I have a dream that I'll be able to connect my mobile phone to two WireGuard subnets at the same time, but to do that, you have to use the same private key for both peers (because you can only supply one in the WireGuard Android client). Here's how it works:

  1. The user copies the base64 private key
  2. The user runs the dsnet add function, and includes the -k switch
  3. dsnet will ask the user to enter their private key
  4. dsnet uses the key instead of generating a new one

Example:

phaethusa ~ % sudo ./dsnet add -k mynode
private key: RGlkIHlvdSB0aGluayBJIHdvdWxkIHBvc3QgYSBrZXk=
owner: Me
Description: My Phone

Do you want to add the above configuration? [y/n] y

[Interface]
Address=10.79.56.6/22
PrivateKey=RGlkIHlvdSB0aGluayBJIHdvdWxkIHBvc3QgYSBrZXk=

[Peer]
PublicKey=U3RvcCB0cnlpbmchIFRoaXMgaXMgY2Vuc29yZWRlZGQ=
PresharedKey=VGhpcyBpcyBhIHNpbGx5IGJpdCBvZiB0ZXh0LiAwMTI=
Endpoint=my.server.net:51820
PersistentKeepalive=0
AllowedIPs=10.79.56.0/22

This feature is backwards compatible; dsnet acts the same as it did before if the -k flag isn't provided.

This PR depends on the error_cascade PR. Sorry.
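The check a tool would want to run on a key entered at the `private key:` prompt, shown as an added example that is not part of this PR or of dsnet's code: it validates the base64 input and derives the public key the server side would record. `ParseUserKey` is a hypothetical name, and the example assumes Go 1.20 or later for the standard library's `crypto/ecdh`.

```go
package main

import (
	"crypto/ecdh"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// ParseUserKey is a hypothetical helper (not a dsnet function). It validates a
// user-supplied base64 WireGuard private key and returns the matching base64
// public key. Error messages never include the key material.
func ParseUserKey(input string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(strings.TrimSpace(input))
	if err != nil {
		return "", errors.New("private key is not valid base64")
	}
	// Wipe the decoded secret from this buffer when the function returns.
	defer func() {
		for i := range raw {
			raw[i] = 0
		}
	}()
	if len(raw) != 32 {
		return "", fmt.Errorf("private key must decode to 32 bytes, got %d", len(raw))
	}
	var acc byte
	for _, b := range raw {
		acc |= b
	}
	if acc == 0 {
		return "", errors.New("private key is all zeroes, refusing placeholder value")
	}
	// WireGuard keys are Curve25519 keys; X25519 clamps the scalar itself.
	priv, err := ecdh.X25519().NewPrivateKey(raw)
	if err != nil {
		return "", errors.New("private key rejected by X25519")
	}
	return base64.StdEncoding.EncodeToString(priv.PublicKey().Bytes()), nil
}

func main() {
	// Constructed input: the redacted sample string from the session above.
	pub, err := ParseUserKey("RGlkIHlvdSB0aGluayBJIHdvdWxkIHBvc3QgYSBrZXk=")
	fmt.Println("PublicKey="+pub, "err:", err)
}
```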

xxxserxxx commented 2 years ago

I'm retracting this, and will submit one based on the head of the master branch. This should make merging PRs cleaner and easier.