Merge pull request #1023 from jellemdekker/feature/unique_client_psk

Generate unique pre-shared key for each client
Orazio 2020-04-23 11:15:48 +02:00 committed by GitHub
commit 1f506f50a6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 6 deletions


@ -1977,9 +1977,9 @@ confWireGuard(){
$SUDO chmod 700 /etc/wireguard
if [ "${runUnattended}" = 'true' ]; then
echo "::: The Server Keys and Pre-Shared key will now be generated."
echo "::: The Server Keys will now be generated."
else
whiptail --title "Server Information" --msgbox "The Server Keys and Pre-Shared key will now be generated." "${r}" "${c}"
whiptail --title "Server Information" --msgbox "The Server Keys will now be generated." "${r}" "${c}"
fi
# Remove configs and keys folders to make space for a new server when using 'Repair' or 'Reconfigure'
@ -1993,10 +1993,9 @@ confWireGuard(){
# Generate private key and derive public key from it
wg genkey | $SUDO tee /etc/wireguard/keys/server_priv &> /dev/null
wg genpsk | $SUDO tee /etc/wireguard/keys/psk &> /dev/null
$SUDO cat /etc/wireguard/keys/server_priv | wg pubkey | $SUDO tee /etc/wireguard/keys/server_pub &> /dev/null
echo "::: Server Keys and Pre-Shared Key have been generated."
echo "::: Server Keys have been generated."
echo "[Interface]
PrivateKey = $($SUDO cat /etc/wireguard/keys/server_priv)


@ -75,6 +75,7 @@ if [ -f "configs/${CLIENT_NAME}.conf" ]; then
fi
wg genkey | tee "keys/${CLIENT_NAME}_priv" | wg pubkey > "keys/${CLIENT_NAME}_pub"
wg genpsk | tee "keys/${CLIENT_NAME}_psk" &> /dev/null
echo "::: Client Keys generated"
# Find an unused number for the last octet of the client IP
@ -102,7 +103,7 @@ echo >> "configs/${CLIENT_NAME}.conf"
echo "[Peer]
PublicKey = $(cat keys/server_pub)
PresharedKey = $(cat keys/psk)
PresharedKey = $(cat "keys/${CLIENT_NAME}_psk")
Endpoint = ${pivpnHOST}:${pivpnPORT}
AllowedIPs = 0.0.0.0/0, ::0/0" >> "configs/${CLIENT_NAME}.conf"
echo "::: Client config generated"
@ -110,7 +111,7 @@ echo "::: Client config generated"
echo "# begin ${CLIENT_NAME}
[Peer]
PublicKey = $(cat "keys/${CLIENT_NAME}_pub")
PresharedKey = $(cat keys/psk)
PresharedKey = $(cat "keys/${CLIENT_NAME}_psk")
AllowedIPs = ${NET_REDUCED}.${COUNT}/32
# end ${CLIENT_NAME}" >> wg0.conf
echo "::: Updated server config"
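Review bot: The added `wg genpsk | tee "keys/${CLIENT_NAME}_psk" &> /dev/null` line writes secret key material with whatever umask the script inherits and never checks that generation succeeded. If `wg genpsk` fails, the file is left empty and both the client config and `wg0.conf` receive an empty `PresharedKey =` line. Writing it as `( umask 077; wg genpsk > "keys/${CLIENT_NAME}_psk" ) || exit 1` drops the redundant `tee`, restricts the file mode at creation and stops before either config is written. Whether the `keys` directory is already restricted is not visible in these hunks, so the umask is defence in depth; the script itself starts and ends outside the hunks.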


@ -91,6 +91,7 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do
rm "keys/${CLIENT_NAME}_priv"
rm "keys/${CLIENT_NAME}_pub"
rm "keys/${CLIENT_NAME}_psk"
echo "::: Client Keys for ${CLIENT_NAME} removed"
# Find all .conf files in the home folder of the user matching the checksum of the
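Review bot: `rm "keys/${CLIENT_NAME}_psk"` will report an error for any client created before this change, because those clients were configured from the shared `keys/psk` and have no per-client PSK file. `rm -f -- "keys/${CLIENT_NAME}_psk"` keeps removal working for them. A comment such as `# Clients created before per-client PSKs have no _psk file and still use keys/psk` would also record that legacy peers depend on the shared key, which is no longer generated at install time. The loop body continues beyond the visible lines.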