WireGuard/RockyLinux9

WireGuardサーバを RockyLinux9 で作ってみる

[root@rockylinux9 ~]# cat /etc/redhat-release
Rocky Linux release 9.2 (Blue Onyx)
 
[root@rockylinux9 ~]# uname -r
5.14.0-284.11.1.el9_2.x86_64
 
[root@rockylinux9 ~]# mokutil --sb-state
SecureBoot enabled
 
[root@rockylinux9 ~]#

WireGuardのサーバになるには「wireguard-tools」とカーネルモジュールの「wireguard.ko」が必要.
幸いRockyLinux9のkernelは初めから「wireguard.ko」を持っているので「wireguard-tools」のみ入れればいい

[root@rockylinux9 ~]# dnf install epel-release -y
 
[root@rockylinux9 ~]# dnf install wireguard-tools

次にカーネルモジュールの「wireguard.ko」ですが、

[root@rockylinux9 ~]# modinfo wireguard
filename:       /lib/modules/5.14.0-284.11.1.el9_2.x86_64/kernel/drivers/net/wireguard/wireguard.ko.xz
alias:          net-pf-16-proto-16-family-wireguard
alias:          rtnl-link-wireguard
version:        1.0.0
author:         Jason A. Donenfeld <Jason@zx2c4.com>
description:    WireGuard secure network tunnel
license:        GPL v2
rhelversion:    9.2
srcversion:     D8887E19C35C43EAFDBA026
depends:        udp_tunnel,curve25519-x86_64,ip6_udp_tunnel,libcurve25519-generic
retpoline:      Y
intree:         Y
name:           wireguard
vermagic:       5.14.0-284.11.1.el9_2.x86_64 SMP preempt mod_unload modversions
sig_id:         PKCS#7
signer:         Rocky kernel signing key
sig_key:        41:D4:BE:45:2E:45:46:72:2C:11:AE:33:1A:95:90:6E:B7:F5:DD:F4
sig_hashalgo:   sha256
signature:      4A:2C:77:20:87:BC:65:AD:01:53:97:D7:DF:11:2A:D2:74:6F:8A:89:
                2B:8A:E1:55:FA:36:5B:45:C2:C4:2B:20:F4:D6:AC:CB:16:8C:CD:44:
                D8:54:CD:00:AB:E0:E2:2E:66:AC:DF:28:13:B1:77:82:02:31:63:73:
                6C:E9:5C:C1:2E:52:C9:D2:A9:9A:D8:8F:C9:5A:30:9F:0D:AD:4C:59:
                95:95:6D:B8:7B:8D:51:7D:A4:AC:CD:2D:53:ED:51:26:DF:65:C8:FA:
                6A:E7:11:2D:FE:EE:53:CF:05:D6:F6:C6:72:C9:07:B7:EE:F3:C6:80:
                03:90:32:5F:BF:C4:6B:64:49:4E:74:AB:EA:C3:31:B6:BB:D6:DD:B0:
                C3:27:35:11:44:AB:A3:D8:71:82:28:CA:77:82:7C:5B:7F:6D:2A:FF:
                3E:C5:28:50:21:C3:2F:51:46:84:DC:4D:49:8E:71:0B:2B:4D:DE:73:
                81:A6:9D:09:E1:29:EB:6C:0D:44:2E:CE:6B:FB:9E:90:0D:97:D6:91:
                C8:98:07:EC:DC:0D:6F:56:42:D3:64:9B:36:23:4C:E4:DF:3F:F0:E5:
                F7:67:35:7C:E7:BA:61:7A:4D:13:55:72:C3:31:4F:3C:F2:58:4B:69:
                26:69:48:87:C3:E4:F8:13:E2:BE:46:F5:9B:85:FF:66:5D:BF:48:F5:
                8F:F5:71:FC:3E:56:5D:24:6E:1E:3F:A2:58:FA:DD:6C:49:F7:3D:A5:
                4C:AC:2A:DA:F5:66:DB:06:DF:5B:2E:3B:AE:85:B6:C8:2E:7A:0C:0A:
                1C:16:C2:A8:00:DE:60:33:0B:4C:7D:43:AF:BF:26:AF:6E:B8:E2:B5:
                47:0C:2E:B0:06:31:72:2C:4B:7F:58:A2:63:13:67:33:08:1B:BA:1D:
                CB:D1:D8:0B:BA:08:3F:4C:73:90:86:EA:E0:22:ED:98:F2:52:F7:83:
                0E:19:74:D2:14:DC:53:5E:1A:FC:D7:96:D0:52:A3:25:96:B2:FD:76:
                44:2B:D8:85
[root@rockylinux9 ~]#

と既に組み込まれているのでWireGuardの「systemctl enable wg-quick@wg0」の時にロードされます

御品書き
■samba(更新) DNS
win参加 lin参加
 ユーザ登録(1,2)
ホームディレクトリ
 共有フォルダ(1)
VSS DC追加 GPO SSO
透過的ファイル圧縮
 Server-Side Copy
ルータ超え時刻同期
 ログオンスクリプト
 NAS参加(1) NFS DFS
Mac参加(NFS)
ownCloud
リモートディスクトップ
 ディスクトップ
 smb3マルチチャンネル
 backup
メモ OpenAM
samba/LDAP XP
RSAT nisでsmb
admin-tools