[FEAT] Option to disable PRESHARED KEY

Question

[FEAT] Option to disable PRESHARED KEY

Closed this issue 4 months ago · 3 comments

Is this a new feature request?

I have searched the existing issues

Wanted change

Hi
I've a SLZB-06M device (https://smlight.tech/product/slzb-06m/) , and this device in his VPN configuration doesn't support "Preshared key" option (PreSharedKey)

In order to use wireguard, I'm been able to connect to vpn if I use the 2020 container version "amd64-v1.0.20200827-ls12". This wireguard container version (lscr.io/linuxserver/wireguard:amd64-v1.0.20200827-ls12) doesn't has "preshared key" and then works with this device.

I wonder if it's possible to have a option to disable "PRESHARED KEY" and then, this device can use the newest wireguard version.

Maybe this feature is very important regarding security and cannot be removed under any circumstances?

Reason for change

To support SLZB-06M devices without preshared key option

Proposed code change

No response

Answer 1 · 2024-09-06T11:35:47.000Z

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

Answer 2 · 2024-09-06T14:02:00.000Z

There is no way to disable it, but you can fake trigger the backwards compatibility. When we added preshared keys, we put in a mechanism to skip generating a preshared key for existing confs so as not to break it for existing users: https://github.com/linuxserver/docker-wireguard/blob/master/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run#L80

Try deleting everything from the peer's conf folder except for the private key. Then delete the server's wg0.conf and restart the container. It should generate a conf for that peer without a preshared key.

Answer 3 · 2024-09-06T15:02:38.000Z

There is no way to disable it, but you can fake trigger the backwards compatibility. When we added preshared keys, we put in a mechanism to skip generating a preshared key for existing confs so as not to break it for existing users: https://github.com/linuxserver/docker-wireguard/blob/master/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run#L80

Try deleting everything from the peer's conf folder except for the private key. Then delete the server's wg0.conf and restart the container. It should generate a conf for that peer without a preshared key.

Thanks for the support, I'll try it. In addition SLZB-06M device support have just indicated "preshared key" option will be included into a new firmware version of their device, great news too!

Thanks again for your reply, it has been very useful to me, I am closing this issue.