diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-07-18 15:54:01 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-07-18 15:54:01 +0200 |
| commit | 788d5be8d4d6dbfd4abac2fd06f8de2d366358cd (patch) | |
| tree | ea146291c78ce094ea8df3b556cb392cf5e18d9e /docs/configuration/pki | |
| parent | 09ba9026102728c7ab30d5663002f36f16b6010e (diff) | |
| download | vyos-documentation-788d5be8d4d6dbfd4abac2fd06f8de2d366358cd.tar.gz vyos-documentation-788d5be8d4d6dbfd4abac2fd06f8de2d366358cd.zip | |
pki: add WireGuard key generation section
Diffstat (limited to 'docs/configuration/pki')
| -rw-r--r-- | docs/configuration/pki/index.rst | 44 | ||||
| -rw-r--r-- | docs/configuration/pki/pki_cli_import_help.txt | 13 |
2 files changed, 49 insertions, 8 deletions
diff --git a/docs/configuration/pki/index.rst b/docs/configuration/pki/index.rst index 282b517b..e44e1ba3 100644 --- a/docs/configuration/pki/index.rst +++ b/docs/configuration/pki/index.rst @@ -111,8 +111,50 @@ OpenVPN .. opcmd:: generate pki openvpn shared-secret - Genearate a new OpenVPN shared secret. + Genearate a new OpenVPN shared secret. The generated secred is the output to + the console. +.. opcmd:: generate pki openvpn shared-secret install <name> + + Genearate a new OpenVPN shared secret. The generated secred is the output to + the console. + + .. include:: pki_cli_import_help.txt + +WireGuard +--------- + +.. opcmd:: generate pki wireguard key-pair + + Generate a new WireGuard public/private key portion and output the result to + the console. + +.. opcmd:: generate pki wireguard key-pair install <interface> + + Generate a new WireGuard public/private key portion and output the result to + the console. + + .. note:: In addition to the command above, the output is in a format which can + be used to directly import the key into the VyOS CLI by simply copy-pasting + the output from op-mode into configuration mode. + + ``interface`` is used for the VyOS CLI command to identify the WireGuard + interface where this private key is to be used. + +.. opcmd:: generate pki wireguard pre-shared-key + + Generate a WireGuard pre-shared secret used for peers to communicate. + +.. opcmd:: generate pki wireguard pre-shared-key install <peer> + + Generate a WireGuard pre-shared secret used for peers to communicate. + + .. note:: In addition to the command above, the output is in a format which can + be used to directly import the key into the VyOS CLI by simply copy-pasting + the output from op-mode into configuration mode. + + ``peer`` is used for the VyOS CLI command to identify the WireGuard peer where + this secred is to be used. Configuration ============= diff --git a/docs/configuration/pki/pki_cli_import_help.txt b/docs/configuration/pki/pki_cli_import_help.txt index 89351903..16618214 100644 --- a/docs/configuration/pki/pki_cli_import_help.txt +++ b/docs/configuration/pki/pki_cli_import_help.txt @@ -1,8 +1,7 @@ -In addition to the command above, the output is in a format which can be used -to directly import the key into the VyOS CLI by simply copy-pasting the output -from op-mode into configuration mode. - -Name is used for the VyOS CLI command to identify this CA on the running -configuration. - +.. note:: In addition to the command above, the output is in a format which can + be used to directly import the key into the VyOS CLI by simply copy-pasting + the output from op-mode into configuration mode. + ``name`` is used for the VyOS CLI command to identify this key. This + key ``name`` is then used in the CLI configuration to reference the key + instance. |