DEV Community

Discussion on: What They Don’t Tell You About Setting Up A WireGuard VPN

Greg Schafer
  1. That is my understanding, yes. Regardless of the flavor of public-key cryptography being used, one side of the communication needs a private key and the other side needs a public key. So, for any peer you want to send a message to, you need possession of their public key in advance. (Keep in mind that the VPN "server" is really just another peer and it can initiate connections to its peers.)
  2. Hard to say without more info! A few ideas and things to check:
    • You might try SSHing with extra verbosity (e.g. ssh -vvv me@10.0.0.1) to see what SSH keys your computer is offering.
    • Make sure the corresponding public key exists in ~/.ssh/authorized_keys on the server, for the user account you're SSHing into.
    • Look in /var/log/auth.log on the server and see what messages sshd is emitting when you try to log in.
    • Make sure permissions on that ~/.ssh folder on the server are correct (sudo chmod 0700 ~/.ssh && sudo chmod 0600 ~/.ssh/*). Same for the ~/.ssh folder on your local machine.
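The server-side checks from the comment above (the ~/.ssh modes and the presence of your public key in authorized_keys), as an added shell example that is not part of the original comment. The helper names audit_ssh_dir and mode_of are hypothetical, and the expected modes are the ones the comment's chmod command sets.

```shell
#!/bin/sh
# Added example: audits an .ssh directory against the checks listed above.
# audit_ssh_dir and mode_of are hypothetical helpers, not part of OpenSSH.

mode_of() {  # octal permission bits; GNU stat first, BSD stat as fallback
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_ssh_dir DIR PUBKEY_FILE
# Prints one line per finding; exit status is 0 only when nothing is wrong.
audit_ssh_dir() {
    dir=$1 pub=$2 bad=0
    if [ "$(mode_of "$dir")" != 700 ]; then
        echo "MODE $dir is $(mode_of "$dir"), expected 700"; bad=1
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if [ "$(mode_of "$f")" != 600 ]; then
            echo "MODE $f is $(mode_of "$f"), expected 600"; bad=1
        fi
    done
    # Match on the base64 key blob (field 2 of the .pub file) so that a
    # different comment or an options prefix in authorized_keys still matches.
    blob=$(awk '{print $2; exit}' "$pub")
    if [ -z "$blob" ] || ! grep -qF -- "$blob" "$dir/authorized_keys" 2>/dev/null; then
        echo "KEY $pub not found in $dir/authorized_keys"; bad=1
    fi
    return "$bad"
}

# Usage on the server: sh audit.sh ~/.ssh /path/to/copy/of/id_ed25519.pub
if [ "$#" -eq 2 ]; then
    audit_ssh_dir "$1" "$2"
fi
```

Run it as the account you are SSHing into, with a copy of the public key your client offers.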