27 votes

WireGuard has been merged into Linux 5.6

7 comments

  1. dedime
    (edited )
    Link
    WireGuard is a new and performant VPN written by Jason A. Donenfeld. In the past, VPNs have been incredibly cumbersome to install and configure - speaking from personal experience, setting up even...

    WireGuard is a new and performant VPN written by Jason A. Donenfeld. In the past, VPNs have been incredibly cumbersome to install and configure - speaking from personal experience, setting up even OpenVPN can be a bit of a nightmare between setting up config files, certificates, various packages and multitudes of config files.

    WireGuard not only makes a VPN a joy to set up and use, it does so with an extremely small code base (~5000 LOC). It also outperforms classic VPNs - see https://www.wireguard.com/performance/ for details. The ip tool may be used to configure WireGuard interfaces on Linux in conjunction with the separately packaged wg (and optional wg-quick) tools. Configuration for WireGuard is not unlike SSH.

    I'm extremely excited for Jason and everybody else that has been involved in WireGuard's development. For the code-inclined, I encourage you to review WireGuard's many different source repositories at https://git.zx2c4.com - it's extremely well written and serves as a source of inspiration, personally.

    6 votes
  2. [4]
    SkewedSideburn
    Link
    I'm extremely happy that I won't need to do sudo dnf remove wireguard-dkms && sudo dnf install wireguard-dkms anymore (My dkms stuff just stopped rebuilding for some reason and I never had the...

    I'm extremely happy that I won't need to do sudo dnf remove wireguard-dkms && sudo dnf install wireguard-dkms anymore (My dkms stuff just stopped rebuilding for some reason and I never had the energy to figure out why. Well, I did figure it out once, but then it broke again after a few updates, and it was easier for me to just remove-install the whole thing)

    5 votes
    1. [3]
      calm_bomb
      Link Parent
      I guess it depends on the repo you got it from. I was using a COPR repo (I assume you use fedora) and had this issue, but then wireguard got included in rpmfusion and never looked back.

      I guess it depends on the repo you got it from. I was using a COPR repo (I assume you use fedora) and had this issue, but then wireguard got included in rpmfusion and never looked back.

      1 vote
      1. [2]
        SkewedSideburn
        Link Parent
        I used instructions from Wireguard's site and then never checked them again. I see now that COPR is suggested for Fedora ≤31 and for 32 and higher it's included in the default repo. Thanks for the tip

        I used instructions from Wireguard's site and then never checked them again. I see now that COPR is suggested for Fedora ≤31 and for 32 and higher it's included in the default repo. Thanks for the tip

        1 vote
        1. calm_bomb
          Link Parent
          Yeah... Anyway, it will be included in the 5.6 kernel, so you won't have to bother too much after that. It's really a great step for wireguard and easy VPN configuration for a lot of people. I...

          Yeah... Anyway, it will be included in the 5.6 kernel, so you won't have to bother too much after that. It's really a great step for wireguard and easy VPN configuration for a lot of people. I have three of four VPN connections at work for various purposes and Cisco AnyConnect is one of the worst to configure - we use the openconnect implementation and had to ask the admins to try to not complicate the server config so it could work with it.

  3. Shahriar
    Link
    WireGuard's website used to have a disclaimer stating it is not audited for security purposes and should not be meant for production use. Did this change recently?

    WireGuard's website used to have a disclaimer stating it is not audited for security purposes and should not be meant for production use. Did this change recently?

    4 votes