|WIRESEP(8)||System Manager's Manual||WIRESEP(8)|
wiresep daemon runs WireGuard on one
or more tunnel interfaces.
If sent a
wiresep logs statistics.
The arguments are as follows.
The format for both private keys and pre-shared keys is the same. A file should contain only one key which must be encoded in Base64. Any blank line in the file or lines that start with a ‘#’ are ignored, as well as any text that follows a key. The file must be owned by the superuser and may not have any permission bits set for the group or others. Note that both private keys and pre-shared keys can be conveniently generated with wiresep-keygen(1).
configuration file used by
The following default locations are used for keys if not configured otherwise. Only the private key for an interface is mandatory, all pre-shared keys are optional.
/etc/wiresep/tunN.privkey default location of the private key used for an interface. tunN must correspond to the name of a configured interface.
/etc/wiresep/global.psk default location of a global pre-shared key
/etc/wiresep/tunN.psk default location of an interface specific pre-shared key
/etc/wiresep/tunN.peer.psk default location of a peer specific pre-shared key
Note that tunN and peer should be substituted for the actual name of a configured interface and peer.
wiresep daemon exits 0 after receiving
a TERM signal, or >0 if an error occurs.
|April 5, 2020||OpenBSD 6.6|