Debian-based configuration for wireguard

Daniel Kahn Gillmor dkg at
Wed Jul 12 00:19:45 CEST 2017

On Tue 2017-07-11 13:04:40 +0000, at wrote:
> [ dkg wrote: ]
>>  * it looks to me like configuring a wireguard link this way will
>>    require an entry in /etc/network/interfaces (or interfaces.d) *and* 
>> a
>>    config file in /etc/wireguard/*.conf.  It seems like it would be
>>    cleaner to have all the configuration in one place, no?
> /etc/network/interfaces is usually world readable, /etc/wireguard/ not
> as your private keys are stored there.

Good point!  it'd be great to be able to separate the private key
information from the standard network information for that reason; it's
not like people can't inspect the rest of the network config once the
device is configured, so it would be nice to be able to just have the
private key in an isolated file.


More information about the WireGuard mailing list