WireGuard is a simple and fast open-source VPN tunneling service built with high-end cryptographic technologies. It is very easy to set up and use, and many consider it better than OpenVPN or IPSec. WireGuard is also cross-platform and supports embedded devices.
WireGuard works by setting up virtual network interfaces such as wlan0 or eth0 that can be managed and controlled like normal network interfaces, helping configure and manage the WireGuard easily using net-tools and other network managing tools.
This guide will show you how to set up a WireGuard client and server on a Kali Linux system.
Let us start by installing WireGuard on the system.
Installing WireGuard
Depending on the version of Kali Linux you are running, you should have WireGuard apt repositories. Update your system using the commands:
sudo apt-get upgrade
Next, enter a simple apt command to install WireGuard:
Once we have WireGuard installed on the system, we can proceed to configure it.
Configuring WireGuard Server
WireGuard security operates on SSH key-value pairs, which are very easy to configure. Start by creating a .wireguard directory.
cd ~/.wireguard
Next, set read, write, and execute permissions.
Now we can generate the key-value pairs using the command:
Next, copy the contents of the private key:
Once you have the contents of the private key copied to your clipboard, create a WireGuard configuration file in /etc/wireguard/wg0.conf
In the file, add the following lines:
Address = SERVER_IP
SaveConfig = true
ListenPort = 51820
PrivateKey = SERVER_PRIVATE_KEY
[Peer]
PublicKey = CLIENT_PUBLIC_KEY
AllowedIPs = CLIENT_IP
In the address, add the IP address of the hosting server. For PrivateKey, enter the contents of the private key you copied previously.
In the peer section, add the public key for the client and the IP address.
Once you have the configuration file set up, set the VPN server to launch at startup.
Finally, start the WireGuard service on the server:
Configuring WireGuard Client
Next, we need to configure the WireGuard client. Ensure you have WireGuard installed on the system.
Generate Key value pairs as well.
umask u=rwx,go= && cat /etc/wireguard/wg0.conf << EOF
[Interface]
Address = CLIENT_IP
PrivateKey = CLIENT PRIVATE KEY
[Peer]
PublicKey = SERVER PUBLIC KEY
Endpoint = SERVER_IP:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21
EOF
Finally, save the file and enable the VPN:
You can verify the connection with the command:
Conclusion
Setting up WireGuard is easy and efficient. Once set up, you can use it in a wide variety of cases. With what you’ve learned from this guide, you can test and see if it works better than other VPN services.