Comment 11 for bug 1892798

> Our kernel ships wireguard modules by default anyway, and one can configure wireguard via networkd and soon via netplan. Which is our default tooling to interact with the wireguard kernel module.

How should we generate the wireguard keys without `wg`? openssl? It's a significant deviation from upstream and what you will find documented out there, and puts the burden on us to make sure the keys were correctly generated, with the correct entropy source, number of rounds (if applicable), etc.