see https://openwrt.org/docs/guide-quick-start/sshadministration
I use Putty, but there are other ways listed in the link to ssh into the router
...under the heading:
Putty
PuTTY gives you command-line access to OpenWrt.
this is provided by PIA
the script modification to generate the keys:
PRIV_KEY="$(wg genkey)"
PUB_KEY="$(echo "$PRIV_KEY" | wg pubkey)"
You should have the username and password in the openvpn config. Username starts with p.
To generate your public and private keys. Once you've SSH to your router run the following and note down the output.
PRIV_KEY="$(wg genkey)"
PUB_KEY="$(echo "$PRIV_KEY" | wg pubkey)"
echo "Private key is $PRIV_KEY"
echo "Public key is $PUB_KEY"
Edit the first 4 lines of the script. Add your username, password, private key and public key between the quotes.
Copy the script to your router. Run the following command, I'm assuming you called the file pia_wg.sh. This will make the script executable and also ensure it is kept after a sysupgrade.
chmod +x /root/pia_wg.sh
echo "/root/pia_wg.sh" >> /etc/sysupgrade.conf
Install dependencies
opkg update
opkg install jq
opkg install curl
Run the script for the first time
/root/pia_wg.sh
This will generate the information you require to manually setup the connection for the first time. Follow the instruction in the wiki to setup a wireguard client.
Call the VPN_IF wg0_pia or edit the script where it says VPN_IF=
Let us know when you get this far. Perhaps you could write up what you did, to help others in your situation.
Thanks for the reply, I'm using Powershell on windows 10, How do I move the script(pia_wg.sh) to the router?
I made some additions/changes to @d687r02j8g script.
Didn't work when I ran it on fresh install, required wg interface to exist. Now runs.
Moved user creds to separate file (piauser.sh), creates template if file isn't there
Generates keypair for piauser.sh creds file.
Region identifier in piauser.sh also, can edit and rerun to change wg peer
Updated Script, creates PIA WG Config for OpenWrt
LazerDog, are you still using this setup? I seem to be having an URL not found on the v2/token fetch.
I'm just trying to set it up for the first time, so something else may be wrong for me.
I've had a chance to experiment with PIA wg recently, I ended up using their own manual-connections script which runs just fine on my OpenWrt router with some minor manupulations of the PIA script files. Here's what I ended up using:
cd /root/
git clone --depth 1 https://github.com/pia-foss/manual-connections.git pia-config
cd pia-config || return 1
sed -i '/ncolors=/d;/check_tool wg-quick/d;/setDNS="no"/d' ./*.sh
After that I just ran their scripts as per their README. I did get the name of the locations by running their scripts on the Linux machine tho, but even that I believe should work on OpenWrt.
I then have another script to pull data from the created configs into OpenWrt network file. From some feedback on reddit I've learned that the PIA wg configs become invalid when PIA reboots their servers.
I got the script up and running. However, when I check my ip the IPv6 is still showing my ISP. PIA says they don't support IPv6. Is there a way to get my IPv6 through my IPv4? Or do I just have to turn IPv6 off?
How did you do it?