Difference between revisions of "WireGuard"

From wikieduonline
Line 45: Line 45:
 
* <code>sysctl -w net.ipv6.conf.all.forwarding=1</code>
 
* <code>sysctl -w net.ipv6.conf.all.forwarding=1</code>
 
* [[4G]]
 
* [[4G]]
 +
* Clients behind [[NAT]] can keep the VPN established using an optional <code>keepalive</code> parameter; it defaults to no keepalive
  
 
== See also ==
 
== See also ==
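
Review bot: the added bullet names the parameter <code>keepalive</code>, but the WireGuard configuration option is PersistentKeepalive, a per-peer interval in seconds that is disabled unless set. Suggest using that name and saying it is set on the peer entry of the client behind NAT. The bullet is also placed in the list with the sysctl lines and [[4G]], just before See also; it would be easier to find next to the configuration material.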

Revision as of 13:22, 17 March 2021

WireGuard is a free and open-source software application and communication protocol that implements virtual private network techniques to create secure point-to-point connections in routed or bridged configurations. It uses the Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24 and HKDF.


Technical features:

  • WireGuard is invisible to illegitimate peers and network scanners [1]
  • WireGuard uses only the UDP protocol (port 41414).
  • Connection-less protocol


  • Peers are identified by their public key, a 32-byte Curve25519 point


Included in the Linux kernel 5.6 in March 2020; available in Ubuntu since Ubuntu 20.10.

WireGuard claims faster encryption speed than the IPsec group of protocols.

  • Debian packages: wireguard, wireguard-dkms, wireguard-tools


  • macOS: brew install wireguard-tools
  • iOS: allows auto-activation on Wi-Fi based on SSID.

Commands

Configuration


Author: Jason A. Donenfeld. Advisors: Trevor Perrin, Jean-Philippe Aumasson, Steven M. Bellovin, and Greg Kroah-Hartman[2]

Activities

Related terms

  • sysctl -w net.ipv4.ip_forward=1
  • sysctl -w net.ipv6.conf.all.forwarding=1
  • 4G
  • Clients behind NAT can keep the VPN established using an optional keepalive parameter; it defaults to no keepalive
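
An added example (not part of the wiki page and not WireGuard project code): a small audit of a wg-quick style configuration that checks two points made above, that a peer's public key is a 32-byte Curve25519 point and that keepalive is off unless set. `PublicKey`, `PrivateKey` and `PersistentKeepalive` are WireGuard's configuration key names; the function names and the sample configuration are constructed for illustration.

```python
import base64

def parse_wg_config(text):
    """Parse wg-quick style text into (interface dict, list of peer dicts)."""
    interface, peers, current = {}, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1].strip().lower()
            if name not in ("interface", "peer"):
                raise ValueError(f"unknown section: {line}")
            current = interface if name == "interface" else {}
            if name == "peer":  # [Peer] may repeat, so each gets its own dict
                peers.append(current)
            continue
        if current is None or "=" not in line:
            raise ValueError(f"unexpected line: {raw!r}")
        key, value = line.split("=", 1)  # split once: base64 values end in '='
        current[key.strip().lower()] = value.strip()
    return interface, peers

def is_valid_key(value):
    """True if value is base64 for exactly 32 bytes (a Curve25519 key)."""
    try:
        return len(base64.b64decode(value, validate=True)) == 32
    except ValueError:  # binascii.Error is a ValueError subclass
        return False

def audit_peers(text):
    """Per peer: (key is 32 bytes, keepalive seconds; 0 = off, the default)."""
    findings = []
    for peer in parse_wg_config(text)[1]:
        keepalive = peer.get("persistentkeepalive", "off")
        findings.append((is_valid_key(peer.get("publickey", "")),
                         0 if keepalive == "off" else int(keepalive)))
    return findings

# Constructed sample: keys are placeholder byte patterns, not real keys.
KEY_OK = base64.b64encode(bytes(range(32))).decode()
KEY_SHORT = base64.b64encode(bytes(31)).decode()  # 31 bytes: wrong length
SAMPLE = f"""[Interface]
PrivateKey = {KEY_OK}
[Peer]  # server as seen from a client behind NAT
PublicKey = {KEY_OK}
PersistentKeepalive = 25
[Peer]  # keepalive omitted, key too short
PublicKey = {KEY_SHORT}
"""
```

Calling `audit_peers(SAMPLE)` returns one tuple per `[Peer]` section, so a peer that will drop off behind NAT shows up with a keepalive of 0.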

See also

  • https://www.wireguard.com/papers/wireguard.pdf