On Mon, Nov 29, 2021 at 4:45 PM Chris Eidem <[email protected]> wrote: > > I have a Wireguard server set up on an OpenBSD 6.9 server with OpenBSD, > Android, iOS and Ubuntu clients. All clients are connecting, although > the Ubuntu clients only work when the PSK is not enabled in the wg0.conf > file. Has anyone else seen this behavior? Is there any information I > could provide to help figure out why the PSK isn't working on my Linux > clients? > > I don't know if wg uses the system's TLS libraries, but if so, I suspect > that the fact gnutls and libressl don't play well together may have > something to do with it. But, that is a guess pulled from my fundament... > > - chris >
wg doesn't use TLS libraries at all, so the issue is somewhere else. Have you checked that the PSK is the same on both ends ? Which kernel version are you using ? Enabling debug logs on both ends may shed some light on what is going on. On OpenBSD, enable using the command: ifconfig wgX debug To disable: ifconfig wgX -debug On Ubuntu, enable using: echo 'module wireguard +p' > /sys/kernel/debug/dynamic_debug/control and disable with: echo 'module wireguard -p' > /sys/kernel/debug/dynamic_debug/control
