NetBSD kernel adds support for the WireGuard VPN

The NetBSD Project developers have announced the inclusion of the wg driver, an implementation of the WireGuard protocol, in the main NetBSD kernel. NetBSD is the third OS, after Linux and OpenBSD, with integrated support for WireGuard. Related commands for configuring the VPN are also provided: wg-keygen and wgconfig. In the default kernel configuration (GENERIC) the driver is not yet enabled, and "pseudo-device wg" must be specified explicitly in the configuration.

In addition, a corrective update of the wireguard-tools package, 1.0.20200820, has been published; it includes user-space utilities such as wg and wg-quick. The new release prepares the IPC for upcoming WireGuard support in the FreeBSD operating system. Platform-specific code has been split into separate files. Support for the "reload" command has been added to the systemd unit file, which allows running constructs such as "systemctl reload wg-quick@wgnet0".

Recall that the WireGuard VPN is built on modern encryption methods, provides very high performance, is easy to use, is free of complications, and has proven itself in a number of large deployments that handle large volumes of traffic. The project has been in development since 2015 and has undergone an audit and formal verification of the encryption methods it uses. WireGuard support is already integrated into NetworkManager and systemd, and the kernel patches are included in the distributions Debian Unstable, Mageia, Alpine, Arch, Gentoo, OpenWrt, NixOS, Subgraph and ALT.

WireGuard uses the concept of cryptokey routing, which involves attaching a private key to each network interface and using public keys for binding. Public keys are exchanged to establish a connection in a way similar to SSH. To negotiate keys and connect without running a separate daemon in user space, the Noise_IK mechanism from the Noise Protocol Framework is used, similar to maintaining authorized_keys in SSH. Data is transmitted by encapsulation in UDP packets. Changing the IP address of the VPN server (roaming) is supported without breaking the connection, with automatic reconfiguration of the client.
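Cryptokey routing as described above can be sketched as a per-interface table that maps each peer's public key to the inner addresses that peer may use. This is an added illustration, not code from NetBSD or WireGuard; the allowed-address lists (WireGuard's AllowedIPs setting), the class name, the key labels and the addresses are assumptions constructed for the example.

```python
import ipaddress


class CryptokeyTable:
    """Per-interface table: peer public key <-> inner IP ranges it may use."""

    def __init__(self):
        self._routes = []  # list of (network, peer_public_key)

    def add_peer(self, public_key, allowed_ips):
        for cidr in allowed_ips:
            self._routes.append((ipaddress.ip_network(cidr), public_key))

    def peer_for_destination(self, dst):
        """Outbound: longest-prefix match selects the key to encrypt to."""
        addr = ipaddress.ip_address(dst)
        matches = [(net.prefixlen, key) for net, key in self._routes
                   if net.version == addr.version and addr in net]
        if not matches:
            return None  # no peer owns this address: the packet is not sent
        return max(matches, key=lambda m: m[0])[1]

    def accept_inbound(self, sender_key, inner_src):
        """Inbound: after decryption authenticates sender_key, the inner
        source address must route back to that same peer, else drop."""
        owner = self.peer_for_destination(inner_src)
        return owner is not None and owner == sender_key


def build_demo_table():
    # Constructed sample data; key labels stand in for base64 public keys.
    table = CryptokeyTable()
    table.add_peer("PEER_A_KEY", ["10.8.0.2/32"])
    table.add_peer("PEER_B_KEY", ["10.8.0.0/24", "192.168.50.0/24"])
    return table


if __name__ == "__main__":
    t = build_demo_table()
    for dst in ("10.8.0.2", "10.8.0.7", "172.16.0.1"):
        print(dst, "->", t.peer_for_destination(dst))
    # Peer A is authenticated but claims an address assigned to peer B.
    print("A as 192.168.50.9 accepted:",
          t.accept_inbound("PEER_A_KEY", "192.168.50.9"))
```

The inbound check is what makes the key binding a security property: an authenticated peer still cannot source traffic from an address assigned to a different key.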

Encryption uses the stream cipher ChaCha20 and the message authentication algorithm (MAC) Poly1305, designed by Daniel J. Bernstein, Tanja Lange and Peter Schwabe. ChaCha20 and Poly1305 are positioned as faster and more secure analogues of AES-256-CTR and HMAC, whose software implementation achieves a fixed execution time without the use of special hardware support. To generate the shared secret key, the elliptic-curve Diffie-Hellman protocol is used in the Curve25519 implementation, also proposed by Daniel Bernstein. The algorithm used for hashing is BLAKE2s (RFC7693).

Source: opennet.ru
