odd behaviour for PSK with wg syncconf

Simon Lindhorst s.lindhorst at wut.de
Thu Apr 7 08:07:27 UTC 2022


Hi,

I tried a little bit around with PresharedKeys and found an odd behaviour 
when I use wg syncconf instead of wg setconf.

My config:

    [Interface]
    PrivateKey = yGKbadTuMvT6JWven0yh8tJMFMCnpYoDizueu4K9QF0=
    Listenport = 4444

    [Peer]
    PublicKey = Ts7VwZt8Q2QB5fTydQEfTgqfz1u4WIL6YMQKlMKZ6E8=
    AllowedIPs = 10.10.10.2,192.168.10.0/24,192.168.0.0/24
    PresharedKey=oipUDdsUPj1lYZMSN2jdx66OSvARhRpso2GD1frE3xo=

wg setconf leads to:

    root # wg showconf wg0
    [Interface]
    ListenPort = 4444
    PrivateKey = yGKbadTuMvT6JWven0yh8tJMFMCnpYoDizueu4K9QF0=

    [Peer]
    PublicKey = Ts7VwZt8Q2QB5fTydQEfTgqfz1u4WIL6YMQKlMKZ6E8=
    PresharedKey = oipUDdsUPj1lYZMSN2jdx66OSvARhRpso2GD1frE3xo=
    AllowedIPs = 10.10.10.2/32, 192.168.10.0/24, 192.168.0.0/24
    Endpoint = 10.40.28.51:37842

When I comment out the PresharedKey and do

    root # wg syncconf wg0 "/etc/vpn/wg0.conf"

I get

    root # wg showconf wg0
    [Interface]
    ListenPort = 4444
    PrivateKey = yGKbadTuMvT6JWven0yh8tJMFMCnpYoDizueu4K9QF0=

    [Peer]
    PublicKey = Ts7VwZt8Q2QB5fTydQEfTgqfz1u4WIL6YMQKlMKZ6E8=
    PresharedKey = oipUDdsUPj1lYZMSN2jdx66OSvARhRpso2GD1frE3xo=
    AllowedIPs = 10.10.10.2/32, 192.168.10.0/24, 192.168.0.0/24
    Endpoint = 10.40.28.51:37842

The PSK entry is always there. But when I change the PSK in the config 
file, the PSK entry is correctly changed in the wg showconf output after 
calling wg syncconf.

Is there a reason for this behaviour?


Kind regards

S.

-- Our statements may contain errors and misunderstandings.
Please check the statements for your case before making decisions 
based on these statements.
Wiesemann & Theis GmbH, Porschestr. 12, D-42279 Wuppertal
Managing Director: Dipl.-Ing. Ruediger Theis
Court of registration: Amtsgericht Wuppertal, HRB 6377 
Privacy information: https://www.wut.de/datenschutz
Tel. +49-202/2680-0, Fax +49-202/2680-265, https://www.wut.de
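
Added example (not part of the original message, and not WireGuard project code): a small Python check for the situation described above, reporting peers whose PresharedKey in the running configuration differs from the config file. The function names and the sample data are assumptions made for illustration; in practice the second input would be the output of wg showconf wg0.

```python
def parse_peers(conf_text):
    """Return {PublicKey: PresharedKey or None} for every [Peer] section."""
    peers, current = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments, e.g. "#PresharedKey=..."
        if not line:
            continue
        if line.startswith("["):
            current = {} if line.lower() == "[peer]" else None
            if current is not None:
                peers.append(current)
            continue
        if current is not None and "=" in line:
            key, value = line.split("=", 1)      # split once: base64 values end in "="
            current[key.strip().lower()] = value.strip()
    return {p["publickey"]: p.get("presharedkey") for p in peers if "publickey" in p}

def psk_drift(file_text, runtime_text):
    """List (public_key, kind) where the runtime PSK differs from the file; PSK values are not returned."""
    wanted, running = parse_peers(file_text), parse_peers(runtime_text)
    findings = []
    for pub, live_psk in running.items():
        if pub not in wanted or live_psk == wanted[pub]:
            continue
        if wanted[pub] is None:
            kind = "stale"      # runtime still holds a PSK the file no longer lists
        elif live_psk is None:
            kind = "missing"    # file lists a PSK that the runtime does not have
        else:
            kind = "mismatch"   # both have a PSK, but the values differ
        findings.append((pub, kind))
    return findings

# Constructed sample data (placeholder strings, not real keys).
FILE_CONF = """[Interface]
[Peer]
PublicKey = PEER_A_PUBLIC_CONSTRUCTED=
AllowedIPs = 10.10.10.2
#PresharedKey=PSK_A_CONSTRUCTED=
"""
RUNTIME_CONF = """[Interface]
[Peer]
PublicKey = PEER_A_PUBLIC_CONSTRUCTED=
PresharedKey = PSK_A_CONSTRUCTED=
AllowedIPs = 10.10.10.2/32
"""

if __name__ == "__main__":
    print(psk_drift(FILE_CONF, RUNTIME_CONF))
```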

