On Fri, Nov 27, 2020 at 12:29:01PM +0000, Stuart Henderson wrote:
> It's not very clear how to fetch the pubkey. OK to add this to wg(4)?
> 

hi.

> Index: wg.4
> ===================================================================
> RCS file: /cvs/src/share/man/man4/wg.4,v
> retrieving revision 1.6
> diff -u -p -r1.6 wg.4
> --- wg.4      24 Nov 2020 16:33:05 -0000      1.6
> +++ wg.4      27 Nov 2020 12:28:32 -0000
> @@ -64,6 +64,9 @@ interface may be configured to recognise
>  .It Key
>  Each peer uses its private key and corresponding public key to
>  identify itself to others.
> +The public key may be displayed by running
> +.Xr ifconfig 8
> +as root after configuring the private key.
>  A peer configures a
>  .Nm wg
>  interface with its own private key and with the public keys of its peers.

i'm not sure about this text. wouldn;t the "Keys" section make more
sense? the "Keys" section itself says:

         When an interface has a private key set with wgkey, the
         corresponding public key is shown in the status output of
         the interface, like so:

               wgpubkey NW5l2q2MArV5ZXpVXSZwBOyqhohOf8ImDgUB+jPtJps=

maybe we should just elaborate here?

> @@ -138,9 +141,11 @@ but demonstrates two interfaces on the s
>  .Bd -literal
>  #!/bin/sh
>  
> +# create interfaces, set random private keys

i agree a bit of explanation makes sense here. saying that, you should
really join "create interfaces" and "set random private keys" with a
semicolon or "and" or somesuch, not a comma.

jmc

>  ifconfig wg1 create wgport 7111 wgkey `openssl rand -base64 32` rdomain 1
>  ifconfig wg2 create wgport 7222 wgkey `openssl rand -base64 32` rdomain 2
>  
> +# retrieve the public keys associated with the private keys
>  PUB1="`ifconfig wg1 | grep 'wgpubkey' | cut -d ' ' -f 2`"
>  PUB2="`ifconfig wg2 | grep 'wgpubkey' | cut -d ' ' -f 2`"
>  


Reply via email to