NetBSD kernel adds support for WireGuard VPN

The NetBSD Project developers have reported that the wg driver, an implementation of the WireGuard protocol, has been included in the main NetBSD kernel. NetBSD became the third OS after Linux and OpenBSD with integrated support for WireGuard. The related commands for configuring the VPN are also provided: wg-keygen and wgconfig. In the default kernel configuration (GENERIC), the driver is not yet enabled and requires an explicit "pseudo-device wg" entry in the configuration.

In addition, a corrective update of the wireguard-tools 1.0.20200820 package has been published; the package includes user-space utilities such as wg and wg-quick. The new release prepares the IPC for the upcoming WireGuard support in the FreeBSD operating system. Code specific to different platforms has been split into separate files. Support for the "reload" command has been added to the systemd unit file, which makes it possible to run constructs such as "systemctl reload wg-quick@wgnet0".

Recall that WireGuard VPN is implemented on the basis of modern encryption methods, provides very high performance, is easy to use, is free of complications, and has proven itself in a number of large deployments that handle large volumes of traffic. The project has been in development since 2015 and has undergone an audit and formal verification of the encryption methods it uses. WireGuard support is already integrated into NetworkManager and systemd, and the kernel patches are included in the base distributions Debian Unstable, Mageia, Alpine, Arch, Gentoo, OpenWrt, NixOS, Subgraph and ALT.

WireGuard uses the concept of encryption key routing, which involves binding a private key to each network interface and using it to bind public keys. Public keys are exchanged to establish a connection in a manner similar to SSH. To negotiate keys and connect without running a separate daemon in user space, the Noise_IK mechanism from the Noise Protocol Framework is used, similar to maintaining authorized_keys in SSH. Data is transmitted by encapsulation in UDP packets. Changing the IP address of the VPN server (roaming) is supported without breaking the connection, with automatic reconfiguration of the client.
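
An added example, not code from the article or from any WireGuard implementation: a minimal Python model of the key routing described above. It assumes WireGuard's per-peer allowed-IP lists, which the article does not mention; the class name, key labels and addresses are constructed for illustration.

```python
import ipaddress


class CryptokeyTable:
    """Per-interface table binding peer public keys to inner IP ranges."""

    def __init__(self):
        self._routes = []  # (network, peer_public_key) pairs

    def add_peer(self, public_key, allowed_ips):
        for cidr in allowed_ips:
            self._routes.append((ipaddress.ip_network(cidr), public_key))

    def peer_for(self, address):
        """Longest-prefix match: which peer key owns this inner address?"""
        ip = ipaddress.ip_address(address)
        best = None
        for net, key in self._routes:
            if ip.version == net.version and ip in net:
                if best is None or net.prefixlen > best[0].prefixlen:
                    best = (net, key)
        return best[1] if best else None

    def route_outbound(self, dst):
        """Outbound: the peer whose session encrypts a packet for dst."""
        return self.peer_for(dst)

    def accept_inbound(self, authenticated_key, inner_src):
        """Inbound: after a packet authenticates under authenticated_key,
        keep it only if its inner source address belongs to that peer."""
        return self.peer_for(inner_src) == authenticated_key


def build_sample_table():
    # Constructed sample data: placeholder key labels and private ranges.
    table = CryptokeyTable()
    table.add_peer("PEER_A_PUBKEY", ["10.0.0.2/32"])
    table.add_peer("PEER_B_PUBKEY", ["10.0.1.0/24", "fd00::/64"])
    table.add_peer("PEER_GW_PUBKEY", ["10.0.0.0/16"])
    return table


if __name__ == "__main__":
    t = build_sample_table()
    print(t.route_outbound("10.0.1.77"))                   # peer B
    print(t.accept_inbound("PEER_A_PUBKEY", "10.0.0.2"))   # own address
    print(t.accept_inbound("PEER_A_PUBKEY", "10.0.1.77"))  # B's address
```

The inbound check is the security-relevant half: a peer that authenticates correctly still cannot inject packets carrying an inner source address bound to another peer's key.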

For encryption, the ChaCha20 stream cipher and the Poly1305 message authentication (MAC) algorithm are used, developed by Daniel J. Bernstein, Tanja Lange and Peter Schwabe. ChaCha20 and Poly1305 are positioned as faster and more secure analogues of AES-256-CTR and HMAC, whose software implementation makes it possible to achieve a fixed execution time without special hardware support. To generate a shared secret key, the elliptic curve Diffie-Hellman protocol in the Curve25519 implementation is used, also proposed by Daniel Bernstein. The algorithm used for hashing is BLAKE2s (RFC7693).

Source: opennet.ru
