Blog / Articles / How to Set Up a Private WireGuard VPN Server on a VPS

How to Set Up a Private WireGuard VPN Server on a VPS

How to Set Up a Private WireGuard VPN Server on a VPS

WireGuard is a free and open-source virtual private network (VPN) protocol that was designed to be fast, simple, and secure. It is a point-to-point VPN protocol that uses encryption to protect the data that is transmitted between the client and the server. WireGuard is very lightweight, with a small code base and low overhead, making it well-suited for use on embedded devices, such as routers and mobile phones.

WireGuard uses public key cryptography to authenticate users and establish secure connections. Each user is assigned a public and private key pair, and the server uses the public key to encrypt data that is sent to the client. The client then uses its private key to decrypt the data and process it. WireGuard uses the ChaCha20 encryption algorithm for data encryption, which is considered to be highly secure and efficient.

Setting up a WireGuard VPN on a VPS can be a quick and easy process if you use the WireGuard installer script. In this article, we will show you how to set up a WireGuard VPN on a VPS (Virtual Private Server) in just a few simple steps.

Prerequisites

  • A VPS running one of the supported Linux distributions: AlmaLinux 8+, ArchLinux, CentOS Stream 8+, Debian 10+, Fedora 32+, Oracle Linux, or Rocky Linux 8+ (in this guide we will use a VPS by COIN.HOST running ArchLinux x64)
  • Root access to the VPS
  • A terminal application, such as PuTTY (Windows) or Terminal (macOS/Linux/Windows)

Step 1: Connect to the VPS using SSH

In order to install the WireGuard installer script on the VPS, you need to connect to the VPS using a terminal application and SSH. To do this, open your terminal application and enter the following command:

ssh root@your-vps-ip-address

Replace your-vps-ip-address with the IP address of your VPS, for example 1.1.1.1. Then, enter the root password when prompted.

Step 2: Download and execute the WireGuard installer script

Once you have connected to the VPS using SSH, you can download and execute the WireGuard installer script by running the following commands in sequence:

curl -O https://raw.githubusercontent.com/angristan/wireguard-install/master/wireguard-install.sh
chmod +x wireguard-install.sh
./wireguard-install.sh

The script will install the WireGuard kernel module and tools on the VPS and configure the VPN. You will be prompted to answer several questions, such as the IP address to use for the VPN and the public key for the VPN server - leave everything default as suggested by the script except for these two entries: 

First DNS resolver to use for the clients (optional): 46.28.201.21
Second DNS resolver to use for the clients (optional): 46.28.201.22

If you are setting up WireGuard server on a VPS from other provider, do not change default DNS resolvers suggested by the script. You will also be asked to enter 'client name' for the config file, it can be whatever you like, for example 'wireguard'. Leave the default IP addresses suggested by script as is and hit enter to proceed.

All done, server is configured: the script has successfully finished it's magic and outputed the QR code that you can scan with WireGuard app on your smartphone to instantly add the configuration to it. If you want to add more clients, you simply need to run this script another time:

./wireguard-install.sh

Step 3: Add VPN configuration to WireGuard app on your device

By using a QR code to add the WireGuard configuration to your mobile app, you can quickly and easily set up a secure VPN connection without having to manually enter any configuration information. This makes it easy to share VPN configurations with friends and colleagues, or to quickly set up new connections on multiple devices.

First of all, download WireGuard app to your phone or PC. On your mobile device, open the WireGuard app and navigate to the "Add Tunnel" button (the plus icon in the top right corner). Here, you should be able to scan the QR code generated in step 2. The app will automatically import the configuration information and create a new VPN connection. To set up VPN connection on your PC or Mac, you need to download the configuration file to it. The configuration file contains information needed to connect to your VPN server using a client app. Open a new Terminal window or tab and enter the following command:

scp root@your-vps-ip-address:/root/the-name-of-your-configuration.conf .

Replace your-vps-ip-address with the IP address of your VPS and the the-name-of-your-configuration.conf with the exact name of the configuration file (you can find it in the script output right below the QR code). The "." at the end of the command specifies the destination directory on your local machine, for example for a Windows machine it could look like this:

C:\Users\COINHOST\Downloads

Step 4: Connect to the VPN

Once the configuration has been imported, you should be able to connect to your VPN server by tapping the "Connect" switch in the app. You can verify that the connection has been established by checking the app's status and by testing your internet connection on this website: ipleak.net. If your traffic is routed through the VPS, your IP address will be the same as the VPS's.

If these steps look overly complicated for you, COIN.HOST offers private crypto VPN servers with dedicated IP address that can be deployed with just a few clicks, without actually needing to configure anything via CLI. Use code CRYPTOVPN to get a 50% discount off first month payment at checkout and enjoy safe and secure browsing.

⏴ Back to Blog

Article Summary

What is WireGuard and why is it so widely used?

WireGuard is a free and open-source VPN protocol designed for speed, simplicity, and security. It uses encryption to protect data transmitted between the client and the server, making it suitable for use on various devices, including mobile phones and routers.

What are the prerequisites for setting up a WireGuard VPN on a VPS?

You'll need a VPS running a supported Linux distribution, root access to the VPS, and a terminal application like PuTTY for Windows or Terminal for macOS/Linux.

How do you connect to the VPS using SSH?

To connect to the VPS, open your terminal application and enter 'ssh root@your-vps-ip-address', replacing 'your-vps-ip-address' with the actual IP address of your VPS. You'll be prompted to enter the root password.

How can you install WireGuard on a VPS?

You can use the WireGuard installer script to quickly set up WireGuard on your VPS. The script installs the WireGuard kernel module and tools, and configures the VPN.

What information do you need to provide during the WireGuard installation?

During the installation, you'll be prompted to answer questions like the IP address for the VPN and the public key for the VPN server. You can leave most settings at their default values.

How do you add VPN configurations to the WireGuard app on your device?

You can scan a QR code generated during the installation process to add the VPN configuration to the WireGuard app on your smartphone. For PC or Mac, you'll need to download a configuration file.

How do you connect to the WireGuard VPN server once it's set up?

After importing the configuration into the WireGuard app, you can connect to the VPN by tapping the 'Connect' switch. You can verify the connection by checking the app's status or using a website like ipleak.net.

What encryption algorithm does WireGuard use?

WireGuard uses the ChaCha20 encryption algorithm, which is considered to be highly secure and efficient.

Can you set up a WireGuard VPN without using the command line?

Yes, COIN.HOST offers private crypto VPN servers with dedicated IP addresses that can be deployed with just a few clicks, eliminating the need for command-line configuration.

Are there any discounts available for setting up a VPN with COIN.HOST?

Yes, you can use the coupon code 'CRYPTOVPN' to get a 50% discount off your first month's payment for a private crypto VPN server from COIN.HOST.

Loading...