Everyone from casual Linux users to Linux creator Linus Torvalds is interested in WireGuard. What is WireGuard and why is it so special?
What is WireGuard?
WireGuard is an easy-to-configure, fast, and secure open source VPN that takes advantage of the latest encryption technologies. The goal is to provide a faster, simpler, and leaner general-purpose VPN that can be easily deployed on low-end devices like raspberry PI to high-end servers.
Most other solutions, such as IPsec and OpenVPN, were developed decades ago. Security researcher and kernel developer Jason Donenfeld realized that they were slow and difficult to configure and manage properly.
This led him to create a new open source VPN protocol and solution that was faster, more secure, and easier to deploy and manage.
WireGuard was originally developed for Linux, but is now available for Windows, macOS, BSD, iOS, and Android. It is still under active development.
Why is WireGuard so popular?
In addition to being cross-platform, one of the biggest advantages of WireGuard is that it is easy to deploy. Configuring and deploying WireGuard is as easy as configuring and using SSH.
Check out the WireGuard setup guide. Install WireGuard, generate public and private keys (like SSH), set firewall rules, and start the service. Now compare this to the OpenVPN Setup guide — there’s so much to do.
Another benefit of WireGuard is that it has a compact code base of only 4000 lines of code. Compare this to the 100,000 lines of OpenVPN, another popular open source VPN. Obviously, debugging WireGuard is much easier.
Don’t underestimate it for its simplicity. WireGuard supports all the latest encryption technologies, such as the Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF, and secure trusted structures.
Because WireGuard runs in kernel space, it provides a secure network at high speed.
These are some of the reasons why WireGuard is growing in popularity. Linux creator Linus Torvalds liked WireGuard so much that he incorporated it into Linux Kernel 5.6:
Can I restate my love for it and hope it merges soon? Maybe the code isn’t perfect, but I don’t care, it’s a work of art compared to the horrors of OpenVPN and IPSec.
Linus Torvalds
If WireGuard is already available, what’s the big deal about including it in the Linux kernel?
This can be confusing for new Linux users. You know that you can install and configure a WireGuard VPN server on Linux, but you will also see the message that Linux Kernel 5.6 will contain WireGuard. Let me explain to you.
Currently, you can install WireGuard as a kernel module in Linux. Conventional applications such as VLC and GIMP are installed on top of the Linux kernel (in user space), not inside.
When installing WireGuard as a kernel module, you basically need to modify the Linux kernel and add code to it yourself. Starting with the 5.6 kernel, you don’t need to manually add kernel modules. It will be included in the kernel by default.
The inclusion of WireGuard in the 5.6 kernel is likely to extend the adoption of WireGuard and change the current VPN landscape.
conclusion
WireGuard is popular for good reason. Some popular privacy-focused VPNS such as Mullvad VPN already use WireGuard, and adoption is likely to grow in the near future.
Hope you know something about WireGuard. As always, feedback is welcome.
via: itsfoss.com/wireguard/
By Abhishek Prakash (Lujun9972
This article is originally compiled by LCTT and released in Linux China