For now, this is a manual process to access the “new” Sepia lab in Poughkeepsie, NY.

1. For Mac, Install Wireguard from the App Store

For Linux,

sudo apt install wireguard-tools
# or
sudo dnf install wireguard-tools

2. Install wireguard-tools using Homebrew

brew install wireguard-tools

3. Create a directory for a Wireguard keypair. E.g.,

mkdir ~/.wireguard

4. Generate a keypair

wg genkey | tee ~/.wireguard/private.key | wg pubkey > ~/.wireguard/public.key

Keep the Private Key secret!!

5. Send the public.key contents to David or Dan. They will update the Wireguard server and give you your VPN IP address.

6. Create ~/.wireguard/client.conf

PRIVATE_KEY=$(cat ~/.wireguard/private.key)

cat <<EOF > ~/.wireguard/client.conf
[Interface]
PrivateKey = $PRIVATE_KEY
Address = X.X.X.X/32
DNS = 10.20.192.11, front.sepia.ceph.com, ipmi.sepia.ceph.com

[Peer]
PublicKey = kyEHy3ZBewI5RiK4/a0/UQn6O1kMt3h8V3u0OwsfUXc=
AllowedIPs = 172.16.48.0/24, 10.20.192.0/20, 10.20.208.0/20, 172.16.50.0/23, 172.16.53.0/25, 172.16.55.0/26, 172.16.56.0/23, 172.16.59.0/25, 172.16.60.0/25
Endpoint = 192.86.31.5:1194
PersistentKeepalive = 25
EOF

6. Once Dan or David give you your private IP, replace X.X.X.X in client.conf with it.

7. On Mac OS, open the Wireguard GUI. Press Command+O and open ~/.wireguard/client.conf

8. Click Activate

Success looks like