Wireguard

WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography

Initial Setup

Installing wireguard is easy. Simply issue the following command from SSH:

sudo box install wireguard

At the end of the installation, the location of the config file for your user will be printed (/home/<user>/.wireguard/<user>.conf)

Managing service

sudo systemctl start wg-quick@wg1000

How to Access

Client Install

In order to use the Wireguard tunnel, you'll need to install the client on your local computer or mobile phone. In order to get started, please check the Wireguard site for help on installing Wireguard on the operating system of your choice.

note

If you prefer, an alternate client called TunSafe exists and is already a bit more mature than the official Wireguard client for Windows. While the client itself is open-source and developed by a community member with prior credibility, it bears mentioning that using this client completely, 100% at your own risk as it is not developed or maintained by the Wireguard team. You have been warned.

Client Setup

Wireguard is available on many platforms. Setting it up for use with your swizzin configuration should be fairly straight-forward, but in case you need a little help getting your client setup, here are some instructions for popular operating systems.

... missing ...

Generating QR Code for clients

You can quickly set up WG on your client by using the scannable qr-code. You can run the folllowing command to generate a quick QR inside of your terminal session, which you can scan with your device's camera.

qrencode -t ansiutf8 < ~/.wireguard/*.conf

Troubleshooting

tip

You can always also try the general troubleshooting tips written in our guide. They might or might not apply, but asking these questions can often make you understand what is under the hood better and help you find what needs to be fixed. It's always worth a shot!

WG doesn't work for any user except for the master

The multi-user functionality has been patched in at a later stage, probably after you have installed it. Please make sure to run box update and then remove and install wireguard again (box remove wireguard && box install wireguard). We have opted against patching this automatically as some administrators might not want to give their users WG access without knowing first.

My connection is not being kept alive

This can happen when you are behind an NAT. Uncomment the following line at the end of your config.

PersistentKeepalive = 25

wg-quick: `wg100x' already exists

The service might have been shut down but the kernel process is probably still running. Verify using htop or some other process manager, and see if you can find any processes starting with wg, that match the id. You can then manually shut the service down using the following command.

wg-quick down wg100x