On Fri, Nov 27, 2020 at 12:29:01PM +0000, Stuart Henderson wrote:
> It's not very clear how to fetch the pubkey. OK to add this to wg(4)?
>
hi.
> Index: wg.4
> ===================================================================
> RCS file: /cvs/src/share/man/man4/wg.4,v
> retrieving revision 1.6
> diff -u -p -r1.6 wg.4
> --- wg.4 24 Nov 2020 16:33:05 -0000 1.6
> +++ wg.4 27 Nov 2020 12:28:32 -0000
> @@ -64,6 +64,9 @@ interface may be configured to recognise
> .It Key
> Each peer uses its private key and corresponding public key to
> identify itself to others.
> +The public key may be displayed by running
> +.Xr ifconfig 8
> +as root after configuring the private key.
> A peer configures a
> .Nm wg
> interface with its own private key and with the public keys of its peers.
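Review bot: the sentence added after "identify itself to others." says to run ifconfig(8) but not what to look for in its output. The example script further down the same page greps for 'wgpubkey', so naming that field here would make the instruction usable on its own. The new text also splits the two sentences that describe how peers use their keys; moving it after "with the public keys of its peers." would keep that explanation together.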
i'm not sure about this text. wouldn't the "Keys" section make more
sense? the "Keys" section itself says:
    When an interface has a private key set with wgkey, the
    corresponding public key is shown in the status output of
    the interface, like so:

        wgpubkey NW5l2q2MArV5ZXpVXSZwBOyqhohOf8ImDgUB+jPtJps=
maybe we should just elaborate here?
> @@ -138,9 +141,11 @@ but demonstrates two interfaces on the s
> .Bd -literal
> #!/bin/sh
>
> +# create interfaces, set random private keys
i agree a bit of explanation makes sense here. saying that, you should
really join "create interfaces" and "set random private keys" with a
semicolon or "and" or somesuch, not a comma.
jmc
> ifconfig wg1 create wgport 7111 wgkey `openssl rand -base64 32` rdomain 1
> ifconfig wg2 create wgport 7222 wgkey `openssl rand -base64 32` rdomain 2
>
> +# retrieve the public keys associated with the private keys
> PUB1="`ifconfig wg1 | grep 'wgpubkey' | cut -d ' ' -f 2`"
> PUB2="`ifconfig wg2 | grep 'wgpubkey' | cut -d ' ' -f 2`"
>
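Review bot: the comment "# retrieve the public keys associated with the private keys" does not say where the value comes from, although the two PUB1/PUB2 lines under it parse the 'wgpubkey' line of ifconfig output with grep and cut. Naming that in the comment, for example "# read each interface's public key from the wgpubkey line of ifconfig output", would tell a reader what the pipeline depends on. In the first comment, each ifconfig line creates the interface and sets its key in a single invocation, so "create interfaces with random private keys" would describe it more accurately than two comma-joined steps.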