Use case: you have an OpenBSD machine behind a NAT (or not), robert, and you want to connect it to the Linux server siouxsie that has been set up according to my previous post.

On robert, execute the following:

    mkdir -p /etc/wireguard
    openssl rand -base64 32 > /etc/wireguard/privatekey
    # keep the private key readable by root only
    chmod 600 /etc/wireguard/privatekey

Create the file /etc/hostname.wg0 with the following content:

    wgkey {content of /etc/wireguard/privatekey on robert}
    wgpeer {content of /etc/wireguard/publickey on siouxsie} wgendpoint {siouxsie's ip} 51820 wgaip 10.2.1.1/32 wgpka 60
    inet 10.2.1.5 255.255.255.0
    up

Now execute:

    sh /etc/netstart wg0
    ifconfig wg0 | grep wgpubkey | awk '{ print $2 }' > /etc/wireguard/publickey

Now add the following stanza to the file /etc/wireguard/wg0.conf on siouxsie:

    [Peer]
    PublicKey = {content of /etc/wireguard/publickey on robert}
    AllowedIPs = 10.2.1.5/32
    PersistentKeepalive = 60

Restart WireGuard on siouxsie by running:

    systemctl restart wg-quick@wg0

And that's all. Reboot robert to ensure that the wg0 interface is working correctly on startup (it may take a while to be fully running, be patient).
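
If the tunnel does not come up, the usual causes are a malformed key, key material readable by other users, or an AllowedIPs entry on siouxsie that does not match the inet address set on robert. The script below is an added example, not part of the original post, that checks those three things. The function names are hypothetical, and the demo at the end runs on constructed files with a placeholder key.

```sh
#!/bin/sh
# Added example: checks for the files this post creates. Function names are illustrative.

# Succeeds if FILE is a single line shaped like a base64-encoded 32-byte key.
wg_key_ok() {
    [ "$(wc -l < "$1")" -eq 1 ] && grep -Eq '^[A-Za-z0-9+/]{43}=$' "$1"
}

# Succeeds if FILE grants no permission bits to group or other.
wg_perm_ok() {
    case $(ls -ln "$1" | cut -c5-10) in
        ------) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints the tunnel address from the "inet" line of a hostname.wg0 file.
wg_client_addr() {
    awk '$1 == "inet" { print $2; exit }' "$1"
}

# Succeeds if some AllowedIPs line in CONF is exactly ADDR/32 (lists are not parsed).
wg_allowed_matches() {  # args: ADDR CONF
    awk -F' *= *' -v want="$1/32" \
        '$1 == "AllowedIPs" && $2 == want { ok = 1 } END { exit !ok }' "$2"
}

# Runs every check; prints one line per failure and returns 1 if any failed.
wg_check() {  # args: PRIVATEKEY HOSTNAME_IF SERVER_CONF
    rc=0
    wg_key_ok "$1" || { echo "FAIL: $1 is not one base64 32-byte key"; rc=1; }
    wg_perm_ok "$1" || { echo "FAIL: $1 is accessible to group/other"; rc=1; }
    wg_perm_ok "$2" || { echo "FAIL: $2 is accessible to group/other"; rc=1; }
    wg_allowed_matches "$(wg_client_addr "$2")" "$3" ||
        { echo "FAIL: server has no AllowedIPs entry for the client address"; rc=1; }
    return $rc
}

# Demo on constructed files (all-zero placeholder key, not a real secret).
d=$(mktemp -d)
awk 'BEGIN { while (i++ < 43) printf "A"; print "=" }' > "$d/privatekey"
printf 'wgkey {key}\ninet 10.2.1.5 255.255.255.0\nup\n' > "$d/hostname.wg0"
printf '[Peer]\nAllowedIPs = 10.2.1.5/32\n' > "$d/wg0.conf"
chmod 600 "$d/privatekey" "$d/hostname.wg0"
wg_check "$d/privatekey" "$d/hostname.wg0" "$d/wg0.conf" && echo "all checks passed"
rm -rf "$d"
```

On real machines, call wg_check with /etc/wireguard/privatekey and /etc/hostname.wg0 from robert and a copy of /etc/wireguard/wg0.conf from siouxsie with its PrivateKey line removed.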