|
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It can be a useful replacement for IPSec or OpenVPN.
You can install wireguard from the Apps section of the FreedomBox web interface.
Point-to-point tunnel
VPN client with default route
Note: These steps are handled automatically on FreedomBox. So you only need to follow these steps on any Debian clients that will connect to FreedomBox, or Debian servers that FreedomBox will connect to.
WireGuard has a user space implementation for mobile devices available via the WireGuard app - available for Android and iOS (a full list of supported operating systems is available here).
The client can be configured in several ways:
This is self-explanatory, you actually create the config on the mobile device then transfer the relevant keys to the server's config.
Here you have to create a .zip archive of the client configuration file, transfer it to the device then import it into the app.
The mobile client as of version 0.0.20180724 supports QR code based input.
DebianPackage:qrencode can be used to generate qr codes, even in a terminal/console using UTF8 characters.
The syntax is:
# qrencode -t ansiutf8 < client.conf
This will generate a QR code that is readable by the mobile client.
The advantage of this approach is that there is no need to transfer sensitive information via data channels that can potentially be compromised and there is no need for any additional software.
Website: https://www.wireguard.com