Language Selection

English French German Italian Portuguese Spanish

WireGuard 1.0.0 for Linux 5.6 Released

Filed under
Linux
Security

Hi folks,

Earlier this evening, Linus released [1] Linus 5.6, which contains our
first release of WireGuard. This is quite exciting. It means that
kernels from here on out will have WireGuard built-in by default. And
for those of you who were scared away prior by the "dOnT uSe tHiS
k0de!!1!" warnings everywhere, you now have something more stable to
work with.

The last several weeks of 5.6 development and stabilization have been
exciting, with our codebase undergoing a quick security audit [3], and
some real headway in terms of getting into distributions.

We'll also continue to maintain our wireguard-linux-compat [2]
backports repo for older kernels. On the backports front, WireGuard
was backported to Ubuntu 20.04 (via wireguard-linux-compat) [4] and
Debian Buster (via a real backport to 5.5.y) [5]. I'm also maintaining
real backports, not via the compat layer, to 5.4.y [6] and 5.5.y [7],
and we'll see where those wind up; 5.4.y is an LTS release.

Meanwhile, the usual up-to-date distributions like Arch, Gentoo, and
Fedora 32 will be getting WireGuard automatically by virtue of having
5.6, and I expect these to increase in number over time.

Enjoy!
Jason

Read more

Also: WireGuard 1.0.0 Christened As A Modern Secure VPN Alternative To OpenVPN/IPsec

WireGuard VPN makes it to 1.0.0—and into the next Linux kernel

  • WireGuard VPN makes it to 1.0.0—and into the next Linux kernel

    We've been anticipating WireGuard's inclusion into the mainline Linux kernel for quite some time—but as of Sunday afternoon, it's official. Linus Torvalds released the Linux 5.6 kernel, which includes (among other things) an in-tree WireGuard. Phoronix has a great short list of the most interesting new features in the 5.6 kernel, as well as a longer "everything list" for those who want to make sure they don't miss anything.

Linux's WireGuard VPN is here and ready to protect you

  • Linux's WireGuard VPN is here and ready to protect you

    Linus Torvalds has released the newest version of the Linux 5.6. It includes many new and neat features like USB4 support, a fix for the 32-bit Epoch problem, multi-path TCP, and numerous driver patches. The biggest news of all s that Linux now has the popular open-source Virtual Private Network (VPN) WireGuard baked in.

    WireGuard is a radical new approach to VPNs. With its minimal codebase -- about 4,000 lines of code -- it's much easier to debug and secure than its rivals such as OpenVPN with its over 100,000 lines.

    Torvalds himself loves WireGuard for its simplicity. Long before he incorporated WireGuard into Linux, Tovalids said "Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art."

Anthony Spadafora on WireGuard

  • WireGuard VPN added to Linux 5.6

    Linux users now have another choice when it comes to protecting themselves online as WireGuard VPN has been added to the Linux kernel in version 5.6.

    Up until now, the fast and flexible VPN, which was designed specifically for Linux implementations, was only available as a third-party addition. However, WireGuard VPN is now available by default with release of Linux 5.6.

    In an announcement, president and security researcher at Edge Security, Jason Donenfeld explained that future Linux kernels will have WireGuard built-in by default, saying...

EnterpriseNetworkingPlanet and Google

  • Linux 5.6 Debuts with Wireguard Secure VPN for Remote Networking

    On March 29, Linux creator Linus Torvalds released the Linux 5.6 kernel providing a long list of new features. Of particular note for networking professionals is the inclusion of WireGuard Virtual Private Network (VPN) open source technology. Work to include WireGuard directly into Linux has been ongoing since March 2019 though WireGuard development itself has been ongoing since 2015.

    At its core, WireGuard is a secure network tunnel written especially for Linux, and optimized for performance and ease of configuration.

    "It has been designed with the primary goal of being both easy to audit by virtue of being small and highly secure from a cryptography and systems security perspective," WireGuard creator Jason Donenfeld wrote in a Linux Kernel Mailing List (LKML) commit message.

    Even before WireGuard was directly integrated into Linux, it had been available in what is known as an out-of-tree module, as wall as userspace tools. By being directly integrated into Linux, WireGuard is now however even more accessible to a wider user community. In contrast with other options for VPN, WireGuard provides a very small attack surface for any potential attacker.

  • It's Looking Like Android Could Be Embracing WireGuard - "A Sane VPN"

    Following the release of Linux 5.6 and WireGuard 1.0 declared, Google has now enabled WireGuard within their Android open-source Linux kernel build.

    Android's Generic Kernel Image (GKI) now has the WireGuard support enabled as a built-in option as of yesterday. In the Git commit enabling it, Google's Greg Kroah-Hartman commented, "Add native kernel support for a sane VPN."

    The upstream WireGuard project has long offered an Android port available from the Play Store as a user-space implementation while it's promising that Google is now enabling the WireGuard support as part of the GKI kernel for Android. WireGuard was upstreamed in Linux 5.6 after years of development and working out the encryption kernel changes that previously held up its integration.

WireGuard VPN Gets Added to the Next Linux Kernel

  • WireGuard VPN Gets Added to the Next Linux Kernel

    I briefly mentioned WireGuard when I wrote of Cloudflare’s WARP beta. I think it’s something to add to your technology watch lists. It’s just not any old VPN app, it’s a VPN protocol that could very well replace current protocols like IPsec and OpenVPN, or at least be offered as an alternative.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.