- Deploy a Weblet with WireGuard Access
- Install WireGuard
- Set the WireGuard Configurations
- Test the WireGuard Connection
- SSH into the Deployment with Wireguard
- Questions and Feedback
In this Threefold Guide, we show how to set up WireGuard to access a 3Node deployment with an SSH connection.
Note that WireGuard provides the connection to the 3Node deployment. It is up to you to decide which SSH client you want to use. This means that the steps to SSH into a 3Node deployment will be similar to the steps proposed in the guides for Open-SSH, PuTTy and WSL. Please refer to this documentation if you have any questions concerning SSH clients. The main difference will be that we connect to the 3Node deployment using a WireGuard connection instead of an IPv4 or a Planetary Network connection.
- Activated and funded account set up in the TF Playground
- SSH client of your choice
The ThreeFold Playground proposes different basic environments and ready community solutions in the form of easy-to-use weblets. For this guide on WireGuard access, we deploy a Full VM. Note that the whole process is similar with other types of ThreeFold weblets on the Playground.
- Go to the ThreeFold Playground
- Select the weblet Full Virtual Machine
- Click on Network
- Check Add WireGuard Access
- Select a node to deploy on
- Click Deploy
Once the Full VM is deployed, a window named Details will appear. You will need to take note of the WireGuard Config to set the WireGuard configurations and the WireGuard IP to SSH into the deployment.
Note: At anytime, you can open the Details window by clicking on the button Show Details under Actions on the Playground weblet page.
To install WireGuard, please refer to the official WireGuard installation documentation.
When it comes to setting the WireGuard configurations, the steps are similar for Linux and MAC, but differ slightly for Windows. For Linux and MAC, we will be using the CLI. For Windows, we will be using the WireGuard GUI app.
To set the WireGuard connection on Linux or MAC, create a WireGuard configuration file and run WireGuard via the command line:
- Copy the content WireGuard Config from the Playground Details window
- Paste the content to a file with the extension
.conf(e.g. wg.conf) in the directory
sudo nano /etc/wireguard/wg.conf
- Start WireGuard with the command wg-quick and, as a parameter, pass the configuration file without the extension (e.g. wg.conf -> wg)
wg-quick up wg
- Note that you can also specify a config file by path, stored in any location
wg-quick up /etc/wireguard/wg.conf
- If you want to stop the WireGuard service, you can write the following in the terminal
wg-quick down wg
Note: If it doesn't work and you already did a WireGuard connection with the same file, write on the terminal
wg-quick down wg, then
wg-quick up wgto reset the connection with new configurations.
To set the WireGuard connection on Windows, add and activate a tunnel with the WireGuard app:
- Open the WireGuard GUI app
- Click on Add Tunnel and then Add empty tunnel
- Choose a name for the tunnel
- Erase the content of the main window and paste the content WireGuard Config from the Playground Details window
- Click Save and then click on Activate.
As a test, you can ping the virtual IP address of the VM to make sure the WireGuard connection is properly established. Make sure to replace
VM_WireGuard_IP with the proper WireGuard IP address:
- Ping the deployment
ping -c 2 VM_WireGuard_IP
To SSH into the deployment with Wireguard, use the WireGuard IP shown in the Playground Details window.
- SSH into the deployment
You now have access to the deployment over a WireGuard SSH connection.