
I don't mind the wg-quick command line interface but I must say that the #1 thing that bothers me with wg is that the private keys are stored directly in the config. That means that every time I add a new user the keys are plainly readable on my screen.

Is there a simple way to work around this issue? Can I include the keys from a 3rd party file for instance? I guess I could always just pre-process the config file to generate the final one from multiple sources.



PostUp should do what you want. https://wiki.archlinux.org/index.php/WireGuard#Store_private...

I have it grabbing a key from AWS Secret Manager, haven't had a problem with that.


In case others got confused by this thread (I thought for a minute "how do you know which private key goes with which peer", is PostUp per peer, etc)... There is only one private key per interface on the server (or anywhere for that matter) and all the other peers are public keys.

I might be the only one who confused myself :)


Right, my use of the plural was confusing. It's just that in general when you add a client you end up editing both the client and the server config, so both keys end up being disclosed on the screen.


That's perfect! Thank you.


What I do is that I have scripts to manage the configuration file, rather than manually editing it. So you never open the configuration file in a terminal in order to see the private key.
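The two suggestions in this thread (load the key with `PostUp` instead of writing it into the config, and generate the config from a script rather than editing it by hand) combine into one small procedure. The script below is an added example and not code from any commenter, the Arch wiki, or the WireGuard project; the paths, addresses and the placeholder key material are assumptions. It writes the private key to its own mode-0600 file, emits a wg-quick config whose only reference to the key is `PostUp = wg set %i private-key <file>` (`%i` is expanded by wg-quick to the interface name), and provides two checks a deploy script can run: that no `PrivateKey =` line ended up inline, and that the key file is not world- or group-readable.

```shell
#!/bin/sh
# Added example: keep the WireGuard private key out of wg0.conf and load it via PostUp.
# Paths below are assumptions; the key value used in tests is a constructed placeholder.
set -eu

# Write the private key to a root-only file (created 0600 via umask in a subshell
# so the umask change does not leak into the caller).
write_key_file() {
  keyfile=$1
  key=$2
  (umask 077; printf '%s\n' "$key" > "$keyfile")
}

# Generate a wg-quick config that references the key file instead of embedding it.
# The [Peer] public key is a placeholder; real deployments substitute the peer's key.
write_config() {
  conf=$1
  keyfile=$2
  (umask 077; cat > "$conf" <<EOF
[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PostUp = wg set %i private-key $keyfile

[Peer]
PublicKey = PEER_PUBLIC_KEY_PLACEHOLDER
AllowedIPs = 10.0.0.2/32
EOF
  )
}

# Check: succeed (exit 0) only if the config contains no inline PrivateKey line.
config_has_no_inline_key() {
  ! grep -q '^[[:space:]]*PrivateKey[[:space:]]*=' "$1"
}

# Check: succeed only if the key file is mode 0600 (owner read/write, nothing else).
# Tries GNU stat first, then the BSD/macOS form.
key_file_is_private() {
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
  [ "$mode" = "600" ]
}

# Usage (assumed paths): run as root, then `wg-quick up wg0`.
#   write_key_file /etc/wireguard/private.key "$(wg genkey)"
#   write_config   /etc/wireguard/wg0.conf   /etc/wireguard/private.key
#   config_has_no_inline_key /etc/wireguard/wg0.conf && key_file_is_private /etc/wireguard/private.key
```

Because the config is produced by the script, nobody has to open it in an editor to add a peer, and the key file itself is only ever read by `wg set` at interface bring-up. The two check functions are cheap to wire into whatever deploy step writes the files, so a config that accidentally regains an inline `PrivateKey` line fails the deploy instead of ending up on screen.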



