WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography
Installing wireguard is easy. Simply issue the following command from SSH:
sudo box install wireguard
At the end of the installation, the location of the config file for your user will be printed (
sudo systemctl start wg-quick@wg1000
In order to use the Wireguard tunnel, you'll need to install the client on your local computer or mobile phone. In order to get started, please check the Wireguard site for help on installing Wireguard on the operating system of your choice.
If you prefer, an alternate client called TunSafe exists and is already a bit more mature than the official Wireguard client for Windows. While the client itself is open-source and developed by a community member with prior credibility, it bears mentioning that using this client completely, 100% at your own risk as it is not developed or maintained by the Wireguard team. You have been warned.
Wireguard is available on many platforms. Setting it up for use with your swizzin configuration should be fairly straight-forward, but in case you need a little help getting your client setup, here are some instructions for popular operating systems.
- Copy-paste the contents of the file outputted at the end of configuration into a file onto your local desktop,eg:
- Open TunSafe, click and drag the configuration file you just created to the TunSafe window. TunSafe will automatically import the client configuration and connect. Easy!
Check if it worked
After configuring your Wireguard Client, check your IP Address.
You can quickly set up WG on your client by using the scannable qr-code. You can run the folllowing command to generate a quick QR inside of your terminal session, which you can scan with your device's camera.
qrencode -t ansiutf8 < ~/.wireguard/*.conf
You can always also try the general troubleshooting tips written in our guide. They might or might not apply, but asking these questions can often make you understand what is under the hood better and help you find what needs to be fixed. It's always worth a shot!
The multi-user functionality has been patched in at a later stage, probably after you have installed it. Please make sure to run
box update and then remove and install wireguard again (
box remove wireguard && box install wireguard). We have opted against patching this automatically as some administrators might not want to give their users WG access without knowing first.
This can happen when you are behind an NAT. Uncomment the following line at the end of your config.
PersistentKeepalive = 25
The service might have been shut down but the kernel process is probably still running. Verify using
htop or some other process manager, and see if you can find any processes starting with
wg, that match the id. You can then manually shut the service down using the following command.
wg-quick down wg100x