NetBSD Project Developers nezvekubatanidzwa kwemutyairi wewg pamwe nekushandiswa kweprotocol mu NetBSD kernel huru WireGuardNetBSD yakava OS yechitatu mushure me Linux uye OpenBSD nerutsigiro rwakabatanidzwa WireGuardMirairo yakabatana yekugadziriswa kweVPN inopiwawo: wg-keygen uye wgconfig. Mukugadzirisa kernel default (GENERIC), mutyairi haasati avhurwa uye anoda kutsanangura zvakajeka "pseudo-device wg" mumagadzirirwo.
Uyezve, inogona kucherechedzwa kugadzirisa pasuru wireguard-tools 1.0.20200820, inosanganisira zvishandiso zvemushandisi zvakaita sewg uye wg-quick. Kuburitswa kutsva uku kunogadzirira IPC rutsigiro rwuri kuuya. WireGuard MuFreeBSD operating system, kodhi yepuratifomu yakakamurwa kuita mafaira akasiyana. Rutsigiro rwemurairo wekuti "reload" rwawedzerwa kufaira re systemd unit, zvichibvumira zvirevo zvakaita sekuti "systemctl reload wg-quick at wgnet0."
Ngatikuyeuchidzei kuti VPN WireGuard Inoshandiswa uchishandisa nzira dzemazuva ano dzekuvharidzira, inoita basa repamusoro-soro, iri nyore kushandisa, haina matambudziko, uye yakaratidza kushanda kwayo mumabasa akawanda makuru anobata vanhu vakawanda vanofamba. Chirongwa ichi chave chiri kugadzirwa kubvira muna 2015 uye chakaongororwa uye nzira dzekuvhara data dzakashandiswa. Rutsigiro rwemashoko WireGuard Yakatobatanidzwa muNetworkManager uye systemd, uye ma kernel patches anowanikwa mu base distributions. , Mageia, Alpine, Arch, Gentoo, OpenWrt, NixOS, и .
В WireGuard Pfungwa ye encryption key routing inoshandiswa, iyo inosanganisira kusunga kiyi yakavanzika kune yega yega network interface uye kuishandisa pakusunga kiyi yeruzhinji. Makiyi eruzhinji anotsinhaniswa kuti pave nekubatana nenzira yakafanana neSSH. Kuti vataurirane makiyi uye vagadzire kubatana pasina kushandisa daemon yakasiyana munzvimbo yemushandisi, Noise_IK mechanism kubva zvakafanana nekuchengetedza authorized_keys muSSH. Kuendesa data kunoitwa kuburikidza ne encapsulation muUDP mapaketi. Inotsigira kushandura IP kero yeVPN server (kutenderera) pasina kudzima kubatana neotomatiki mutengi kugadzirisa.
For encryption stream cipher uye meseji yekusimbisa algorithm (MAC) , yakagadzirwa naDaniel Bernstein (), Tanya Lange
(Tanja Lange) naPeter Schwabe. ChaCha20 nePoly1305 zvakamisikidzwa seanokurumidza uye akachengeteka analogues eAES-256-CTR neHMAC, iyo software yekumisikidza inobvumira kuwana yakatemwa yekuuraya nguva pasina kushandisa yakakosha Hardware rutsigiro. Kugadzira kiyi yakavanzika yakagovaniswa, iyo elliptic curve Diffie-Hellman protocol inoshandiswa mukuita , zvakare yakakurudzirwa naDaniel Bernstein. Iyo algorithm inoshandiswa kune hashing ndeye .
Source: opennet.ru
