WireGuard keys - what's the use of them?

Hi

I'm following the following guide to configure my VPN.
Question is, what's the use of the keys in the picture, can they be randomly generated? It's never mentioned in the video how they are defined.

Thanks

Thanks, but what's the use of them? Do I need to store them anywhere?

I also tried

# Pre-shared key
WG_PSK="$(cat wgserver.psk)"
 
# Server public key
WG_PUB="$(cat wgserver.pub)"

From the client guide on OpenWrt, via PuTTY/SSL, but it returned that the .psk and .pub files were not found.

You will know when you try to configure a client...

2 Likes

Each end of the link holds its public plus private key as well as the public key of the other end.

The public key is used to identify who is trying to connect. If the public key is not on the receiver's list of allowed keys, the connection is rejected. The receiver then encrypts a random number with the sender's public key and demands that the sender use their matching private key to decrypt it and send the result back. If the numbers match, it proves that the sender holds the private key, but the private key itself remains secret.

It is considered impossible for someone observing this exchange to deduce the private key, which is what would be necessary to impersonate the sender.

2 Likes

Please read the entire key management step carefully:
https://openwrt.org/docs/guide-user/services/vpn/wireguard/client#key_management

And read the linked paragraph about key generation/exchange:
https://openwrt.org/docs/guide-user/services/vpn/wireguard/start#key_management

Follow the Wikipedia link about public-key cryptography if required:

3 Likes

I wasn't sure if this was slightly a (not sure what word to put here)...but I do want to post the relevant page, directly from the developer:

See: https://www.wireguard.com/#cryptokey-routing

No, Curve25519; and you cannot do what you said to generate a Wireguard key. Please don't provide users bad information.

The commands are:

  • wg genkey
  • wg genpsk
  • wg pubkey - not really needed since you can see the pubkey after saving the config

The Wireguard.com site shows how to use these.

(the command wg --help is your friend here)

See: https://www.wireguard.com/protocol/

What is the use for the correct 🔑 🗝️ in your 🚪 ❓

Ummmm...they're supposed to be randomly generated (see the 3 commands above)...otherwise everyone would have the exact same key you saw in the video.

?

I assume you mean on the WireGuard page...did you actually read the section that accompanies the video?

(i.e. I think you should simply look at the official documentation and you'd likely be less confused...this is the problem with random YouTube videos...yes, I see it looks like YouTube; but you failed to even mention its origin, why you followed its instructions, or what we're supposed to guess from a screenshot you posted of it.)