GUI instructions - installing Wireguard on Silverblue

I need graphical user interace (GUI) instructions for installing Wireguard on Silverblue - Fedora 34. I’m visiting family at the moment and evidently they have Avast - which I do not want to use and I don’t want the VPN that they have set up with the router to interfere with mine.
I’ve read the 1981 internet protocol that was published by DoD. I’m so immeasurably frustrated that something like an encrypted tunnel from end point to end point is such a complicated issue.
Is the process going to be setting up a virtual machine as the “Server VPN” and have my computer be the “Client VPN” OR do I set up a virtual machine as the “Server VPN” and another virtual machine as a “Client VPN” and then what does that make my computer? I’m literally looking for step-by-step baby step instructions with an assumption that I’ve never even heard of a VPN before and I’m looking for this to be done 100% via a graphical user interface (GUI). The articles on Fedora Magazine are not sufficient for a beginner and only show command line instructions and the only video on YouTube that’s worth watching is chaotic with a guy typing a millions commands plus he’s using Ubuntu anyways. GUI instrucitons please.

If they are already using a vpn why add another layer. Since you are just visiting you can temporarily disable your own vpn, use the one they already have configured at router level and go with it. When you are back on your own network go back to your own vpn.

The fact they have avast has no bearing on your internet since as long as you are using their network then you by default are using their provider.

If you insist on using your own vpn, and assuming the vpn server is accessible from your location, there should be no difference than when at home. Your vpn should be from your machine (laptop) to the server and just rides inside the existing vpn tunnel.

I also want to know if there is a GUI based Wireguard configurator available for Fedora Workstation / Silverblue.

The above is how to enable the WireGuard “plugin” for NetworkManager - not GUI but it is not using Wireguard’s standalone cli only.

1 Like

Yes, this is the article that I was referring to before. It doesn’t add any value for where I’m at, but thnaks for sending over.

1 Like

With all due respect, I was looking for GUI instructions on how to set up the Wireguard VPN on Fedora Silverblue, not advice on what I should be doing with a presumption that I had one set up before.

Another reason is becaue I use Amazon Web Services (AWS) to setup EC2 instances, ELBs etc. so I can start consulting with actual clients and make money off of services. The person that manages the VPN here has no idea what they’re doing - and they randomly decided to change the address - and since I’m super new to Linux and following an AWS course on how to set these cloud infrasturctures up - I had to just shut them down because I was no longer able to connect (IAM policy conflicts).
I haven’t come across anyone that has sucessfully set up a VPN on a YouTube tutorial or anything else via GUI. OpenVPN evidently just had massive security vulnerabilities and honestly - none of that matters. VPN’s should be simple, point and click free solutions to protect your identity and information from being transmitted widely over the internet. There’s literally no point in moving forward with any future releases of any distribution if a GUI VPN hasn’t been developed. I’m so confused as to how there can be so much capital injected into these projects and the corporations that profit from them - yet the decency of giving people basic privacy for browisng the internet is to either use Mozilla Firefox which is horrible - or only available for people that use the command line for everything - a concept of “security” from the CLI that should’ve died in the 90s.
Regarding a server - i don’t have a personal VPN server - that’s what WireGuard is supposed to be ? WireGuard is supposed to be both the VPN Server and the VPN Client for someone that has neither right now.

I think you are misinterpreting what a vpn is & does.
It securely connects you via a tunnel from one point to another, the remote being a vpn server and may be free, paid, or company owned. I think the original premise was that a vpn was a secure way for a remote worker to connect to the business network as if local so security was maintained.

What happens after that with your internet travels and connections is really no different than going directly to the internet from home, work, or where ever. Thus it depends upon the user where they go and what information is available if work is not entirely within the corporate network.

Yes, wireguard can be a server for incoming, and can be a client for outgoing, but it still depends upon what your use is as to how secure the communications are.

Your comment about changing an IP address makes me think that a ddns service might be good to keep clients always able to reach your address by domain name even when the IP changes as happens for anyone with a dynamic IP.

2 Likes

Thanks for the info. My use case is this - I want to be able to install a VPN so that anything I search for on the internet is encrypted. I want an encrypted tunnel between my computer and the internet browser.
Past that, I’d love to be able to install what opensource.com (Red Hat) has posted and what I seemingly have absolutely no idea how to provision at this point.
I’d liek an admin portal - which looks like OpenShift which is OpenStack - that has eCommerce and open source healthcare solutions and I’d like to deploy that, but it’s nearly impossible b/c it’s so unorganized.
Microweber e-commerce CMS | Opensource.com
https://www.cms.gov/regulations-and-guidance/legislation/ehrincentiveprograms?redirect=/ehrincentiveprograms/

https://novnc.com/screenshots.html

The reality is, there are (from what I see) 1.5 million man pages that have 10,000 functions. In other words, there’s 150 ways to do the same thing. The system is so broken that I’m shocked the DoD has even let it carry on the way that it has.

A VPN connection is a end-to-end tunnel. It will only provide security between the two end points.

I am curious to know where will your local Wireguard Client be connecting to, so that it will encrypt all of your internet searches.

So here’s a quick breakdown:

I have a computer
my computer has a physical IP address
my computer goes through my router to the web server
the web server takes my computers IP address and the IP address of my router and uses that
the router that i’m using seemingly has a VPN from Avast - but it changes often so that means when I have a .pem key from launching an Amazon EC2
I’ve assigned my EC2 instance an Elastic IP and I believe the router’s IP is static but obviously the VPN changes - making it dynamic. When the VPN IP address changes, my AWS EC2 instance denies my gaining access to the VPS b/c it’s being pointed to a different location, or IP address by the Avast VPN.
The alternative - I thought - would be to connect my computer to a VPN server
The first endpoint would be my computer that has a “Client VPN” blocking my physical IP address
The second point would be routing through the router and that IP address - which is attached to a VPN as well
The third endpoint would be literally any website on planet Earth, the moon and most recently - Mars.

From what I understand, Gnome Box VM’s don’t even hide your physical IP address or MAC address or anything really? So if someone wanted to use the hacking tools that are in Linux - well there wouldn’t be much stopping them from getting literally all of my passwords and information…

Year: 2021

are you sure the router is establishing a VPN connection to avast? if so, why? turn it off. cancel you subscription.

all the outside world (the internet) can see is your public IP address. what is going on internally with hosts and virtualized hosts doesn’t matter for what you call “web server”, see Network address translation - Wikipedia

interesting, I would be curious to learn how to do that, just for research purposes. could you share any insights?

as for you initial question, it is treated, and has been partly answered here:

1 Like

Gothca - thanks, Sure thing, I’ll map them out. Here’s how you:

Get Kali Linux - Get Started with Kali Linux as a Bootable Live USB [Tutorial] - YouTube
Fingerprint Web Apps & Servers for Better Recon [Tutorial] - Fingerprint Web Apps & Servers for Better Recon [Tutorial] - YouTube

Clear the Logs & History on Linux Systems to Delete All Traces You Were There [Tutorial] - Clear the Logs & History on Linux Systems to Delete All Traces You Were There [Tutorial] - YouTube

Haunt a Computer Using SSH [Tutorial] - Haunt a Computer Using SSH [Tutorial] - YouTube

How Hackers Can Find Hidden Wi-Fi Networks & Their Names - How Hackers Can Find Hidden Wi-Fi Networks & Their Names - YouTube

Generate Crackable Handshakes with the ESP8266 [Tutorial] - Generate Crackable Handshakes with the ESP8266 [Tutorial] - YouTube

Watch Hackers Craft Malicious Office Macros (ft. Kilian from SecurityFWD) - Watch Hackers Craft Malicious Office Macros (ft. Kilian from SecurityFWD) - YouTube

I mean just follow that channel in general. Then look at:

how to HACK a password // password cracking with Kali Linux and HashCat - how to HACK a password // password cracking with Kali Linux and HashCat - YouTube

You get the point.

So, regarding the VPN and just general freedom to have privacy haha… I’ll check out the blog post again. I don’t understand how it’s so easy to find out how to track and airplane from a video tutorial but something as basic as a VPN seems to have so many different components to the workload that could break at any moment. It’d be great to set other people up on a VPN, put a number of containeres into a host container and launch that into a NoVNC web browser.

Can you please remove the hashtag symbols or even better the whole first part of the links.
It gets interpreted as a Headline.

# Generate Crackable Handshakes with the ESP8266 [Tutorial] -

With all due respect, it’s none of your business why I don’t just turn it off at the Router level. I genuinely mean that as well - I don’t mean to disrespect you, but posting in a public forum why I don’t do that shouldn’t even be a consideration as a response.

I’m gathering that no one has developed a GUI to use this Wireguard VPN. I clicked through the link that you sent, and the link that was in there and the link in that one too. Thanks for the effort but it didn’t provide an actual GUI answer.

1 Like

VPN provides a false sense of security. If required, your “true IP” can be easily leaked. Moreover, VPN providers are hacked all the time, logs are being leaked. (https://gist.github.com/joepie91/5a9909939e6ce7d09e29 and https://ascensiongt.com/2020/07/21/vpns-and-a-false-sense-of-security/)

Forget the GUI solution if you want to setup your peer machine (your VPS in the cloud, your exit node, or “server”) yourself. You are likely running an Ubuntu or Fedora server (?) without GUI anyways. So, you need to learn how to setup wireguard from command line interface. If you have learned doing that for your “server”, you can replicate it for your workstation(s).

It’s integrated in Network Manager in Gnome, consider searching the internet.
https://wiki.archlinux.org/title/NetworkManager#VPN_support

1 Like

Hmm okay now this is starting to make more sense. I learned how to set up the EC2 instance from the Tutorialinux course and this video as well: Amazon AWS Tutorial #1: Cloud Sysadmin - Your First EC2 Instance - YouTube

As it relates to connecting to these EC2 instance “servers” from SSH’ing into it from (let’s just say) a regular WorkStation - whether it be my actual workstation or Ubuntu - that’s actually quite easy. It’s something that I can easily do because someone walked me through the: context of the video, purpose for the demonstration, considerations while launching (security groups, dependencies etc.), and definitions of what all of this stuff is - at least as it relates to just getting this VPS for WordPress up and running.

I’m at the point now where I DO NOT know how to take this process and set up actual GUI workstations for partners, family, friends in their own VM instance using virtualbox or whatever; I don’t understand how this is the same thing as setting up a VPN or anything of that nature but I can kinda start to see where you’re coming from…, and I certainly don’t know how to set up a website portal with something like Gluu, openstack or anything like that. I guess the traditional way to set up servers to be able to work with different technologies was to just connect to Fedora’s servers directly. Now it seems like Amazon, Google, IBM etc. give you an opp to do this via the browser and this is a jumping off point into cloud infrastructure. So, if I SSH into a newly spun up EC2 instance - which I can’t access b/c the god damn VPN keeps changing the IP address, then I’d be able to just SSH into Wireguard and generate both client and server keys, then go to network manager from gnome and add whatever I need to by navigating around this (what should be non-existent) command line?

Have you ever spoken with the provider about this? Normally they give you a way to access over VPN with a fix IP or let you do with a ddns service.

You know, with opensource it is not like free as free beer. With services and consulting in opensource communities they earn their money. Organize you an consultant who helps you set up as you need for one workplace, ask as much as you need and afterwards do it on your own for the next ones.

1 Like

okay so there’s no way to easily install the WireGuard VPN via a GUI. The strategy here is to loop people in w/ Lenovo, offer them “free” everything that’s not really free, offer tons of documentation to the point where people either give up or - the optimal outcome - they hire a company like Red Hat - that’s using non-profits as a tax write off - or someone else that’s anonymous but the risk in the anonymous folks is that they could be hackers ha. For the record, no one pays for software… the companies do - people like me just can’t stand Microsoft or Apple and it’d be great if what Linux appeared to be was actually what it is.

I just came back to read this and you basically said that I have to use the command line becuase it’ll be running on a server. The server can be either my computer, an exit computer/node, or a VPS. Let’s say I did the VPS. It looks like I install WireGuard on both the VPS - like an Amazon EC2, then install it on my computer. If there was a “CEO” of Fedora, who would that be? Who is in charge of operations? Who is in charge with the Lenovo relationship? Who is in charge with the financial side is probably the most important in this question. I don’t want to reach out to an anonymous profile and this VPN is arguably one of the most critical elements of the research I’m doing. If this is seriously the end result - the messages on these threads and recommendations - then there is a massive problem that needs to be addressed.

So, you tried to set up the wireguard between your Fedora Workstation and your EC2 instance?
Where are you stuck? What are the error messages? Any logs?