Is this a verbatim transcript, because:
On the NetBSD server:# (umask 0077; wg-keygen > /etc/wg0) # wg-keygen --pub < /etc/wg/wg0 > /etc/wg/wg0.pub
1) the file paths don't match...
# cat /etc/wg0.pub
1WaiYse6arup/pNqos7CyvtsTm6O8PN+/s/6UZdk0kc=
[...]
# wgconfig wg0 add peer sevastopol \
1WaiYse6arup/pNqos7CyvtsTm6O8PN+/s/6UZdk0kc= \
--allowed-ips=10.2.0.42/32
and, 2) it should be the other side's pubkey, not the server's own. -RVP
