WireGuard Guide - I don't understand the key exchanges

There are supposedly no stupid questions so please bear with me.
Following this tutorial, I'm sure I misunderstand something, but I don't get some parts: https://openwrt.org/docs/guide-user/services/vpn/wireguard/basic

Eventually network.wgclient.public_key comes from wgserver.pub. Why is that? Is it a profile export sort of "alias" to be imported BY the client? If not, why is the server key named client key?

Details from the guide:
Generate server keys and a pre-shared key. Exchange the public keys and the pre-shared key between the server and the client [...]
wg genkey | tee wgserver.key | wg pubkey > wgserver.pub # this line generates the keypair of the server, right?
WG_KEY="$(cat wgserver.key)" # this is the private key of the server?
WG_PUB="$(cat wgserver.pub)" # this is the public key of the server

then later on:

Add VPN peers
...
uci set network.wgclient.public_key="${WG_PUB}"

A nit here, but an important one...
Technically, in WG verbiage, there is no "client" and "server" -- all devices are just peers. So while we often say client and server (my phone is the 'client' and my OpenWrt router with WG acts as a 'server'), WG doesn't have any way to differentiate (and doesn't care) what role a given side takes. They're just peers.

With that in mind, the guide probably shouldn't use client and server, either, but it is easier to follow from a human perspective.

You can think of it this way.... each peer has a public and a private key pair (cryptographically related). The private keys should exist only locally, while the public keys are shared and become part of the connection configuration on each peer.

IIRC, when the data is flowing, each peer sends the public key of the remote peer (from the perspective of whichever peer is sending data) AND its own private key. The other side receives the keys and evaluates as follows:
1) Does the public key sent to me match my own public key
2) Does the private key sent to me by the peer, after a cryptographic manipulation, match the previously exchanged public key I have on file for that peer.
3) (Optional) Does the preshared key, if present, match the preshared key I have on file

If both (or all 3) conditions are true, communication commences. If anything is false, the receiving peer simply drops the packets (no replies are issued).

EDIT: strikethroughs and a few corrections since my understanding of WG keys was incorrect. Read on, there's better (i.e. more correct) info in the posts that follow.

Alright, so watching some YouTube on the topic, I realized that it is the same command to be run on two different Unix/Linux computers. And therefore the public key gets exchanged after the generation but before attributing value to the variable. And therefore the "client" public key is generated by the wg pubkey > wgserver.pub line on the "client" machine.

Not quite. Assume you have a simple setup with 2 peers. Peer 1 encrypts the data with the public key for peer 2. It then transmits the data to peer 2 which uses its private key to decrypt the data. It then verifies if the IP that the data has come from is in its 'allowed IPs' field. If so then it's allowed through. If not then it isn't. The private key never gets sent anywhere.


thanks for the corrections, @krazeh. I wasn't positive about the private key transfer (and that was indeed incorrect)... it makes more sense now.

And yes, I was only really thinking of a 2-peer configuration.

To be honest, it doesn't really change much when you add additional peers. All WireGuard does is determine which peer the data is for based on the destination IP (which it checks against the Allowed IPs field for all peers) and then encrypts with the corresponding public key. The receiving peer then decrypts and checks the source IP is in the Allowed IPs field for the peer the data has come from.

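The piece the thread circles around, as an added example (not from the OpenWrt guide or from either poster): `wg genkey` produces a random X25519 private key, `wg pubkey` derives the public key from it, and each peer's config stores the OTHER peer's public key because combining your own private key with the remote public key yields the same shared secret on both sides, so nothing private ever crosses the wire. The X25519 below is a plain transcription of RFC 7748 and the helper names (`wg_pubkey`, `shared_secret`, `two_peer_exchange`) are this example's own; the real WireGuard handshake (Noise_IK) mixes several such Diffie-Hellman results plus the optional preshared key, so this shows the building block, not the full protocol.

```python
import base64
import os

P = 2**255 - 19                      # Curve25519 field prime (RFC 7748)

def _clamp(private: bytes) -> int:
    k = bytearray(private)           # RFC 7748 scalar clamping
    k[0] &= 248
    k[31] = (k[31] & 127) | 64
    return int.from_bytes(k, "little")

def x25519(private: bytes, point: bytes) -> bytes:
    """RFC 7748 Montgomery ladder: u-coordinate of private * point, 32 bytes LE."""
    k = _clamp(private)
    u = int.from_bytes(point, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, u, 1, 0
    for t in range(254, -1, -1):
        bit = (k >> t) & 1
        swap ^= bit
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb = a * a % P, b * b % P
        e, da, cb = (aa - bb) % P, d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, u * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def wg_pubkey(private_b64: str) -> str:
    """Same derivation as `wg pubkey`: public key = private * base point (u = 9)."""
    pub = x25519(base64.b64decode(private_b64), (9).to_bytes(32, "little"))
    return base64.b64encode(pub).decode()

def shared_secret(own_private_b64: str, peer_public_b64: str) -> str:
    """What a peer derives from its OWN private key and the OTHER peer's public key."""
    own, peer = base64.b64decode(own_private_b64), base64.b64decode(peer_public_b64)
    return base64.b64encode(x25519(own, peer)).decode()

def two_peer_exchange() -> bool:
    """Run the guide's key generation on both boxes ('server'/'client' are just labels);
    only the two public keys are exchanged, and each side reaches the same secret."""
    server_key = base64.b64encode(os.urandom(32)).decode()   # `wg genkey` on the server
    client_key = base64.b64encode(os.urandom(32)).decode()   # `wg genkey` on the client
    server_pub, client_pub = wg_pubkey(server_key), wg_pubkey(client_key)
    # uci set network.wgclient.public_key="${CLIENT_PUB}" on the server, and vice versa
    return shared_secret(server_key, client_pub) == shared_secret(client_key, server_pub)
```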
