WireGuard yakagamuchirwa uye ichave yakabatanidzwa mune inotevera vhezheni yeLinux 5.6

murindi

 

Izvo zvakaziviswa izvo David S. Miller, anoona nezve Linux network subsystem, atora zvigamba ne kuitwa kweVPN interface yeiyo WireGuard chirongwa mu net-inotevera bazi. Naiyo pakutanga kwegore rinouya, iyo yakaunganidzwa shanduko mubazi-rinotevera bazi ivo vanozoita hwaro hwekuburitswa kweLinux 5.6.

Kune avo vasingazive WireGuard vanofanira kuziva kuti izvi iVPN inoitwa pachishandiswa nzira dzemazuva ano dzekuvharira, inopa kuita kwakanyanya kwazvo, zviri nyore kushandisa, Iyo haina kuomarara uye yakazviratidza pachayo mune akati wandei makuru deployments inobata yakawanda mavhoriyamu etraffic.

Nezve WireGuard

Iyo purojekiti yakagadziridzwa kubvira 2015, yakapasa kuongororwa kwepamutemo uye kuongororwa kwenzira dzekunamatira dzinoshandiswa. Rutsigiro rwe WireGuard yakatove yakabatanidzwa muNetworkManager uye systemd, uye kernel patches chikamu chekuparadzirwa kwekutanga kweDebian Unstable, Mageia, Alpine, Arch, Gentoo, OpenWrt, NixOS, Subgraph, uye ALT.

WireGuard inoshandisa iyo pfungwa yekunyorera kiyi nzira, izvo zvinosanganisira kusungira yakavanzika kiyi kune yega yega network interface uye kuishandisa iyo kusunga yeruzhinji makiyi. Kuchinjaniswa kwemakiyi eruzhinji kumisikidza kubatana kunoitwa nekufananidza neSSH.

Kutaurirana makiyi uye kubatana pasina kutanga rakasiyana daemon munzvimbo yemushandisi, Noise_IK mashandiro eNoise Protocol Sisitimu inoshandiswa, yakafanana nekuchengetedza makiyi anotenderwa muSSH. Dhata inopfuudzwa kuburikidza nekuvhara mukati meDP mapaketi. Tsigiro yekuchinja iyo IP kero yeVPN server (kutenderera) pasina kukanganisa kubatana uye otomatiki kugadzirisa mutengi.

Zvekunyorera, ChaCha20 rwizi encryption inoshandiswa uye iyo Poly1305 (MAC) meseji yekusimbisa algorithm, ino yakamisikidzwa seanokurumidza uye akachengeteka macomputer eAES-256-CTR uye HMAC, iyo software yekushandisa inobvumidza kuwana yakatarwa yekuuraya nguva pasina kubatanidza yakakosha Hardware rutsigiro.

Mushure menguva yakareba WireGuard inozopedzisira yaverengerwa muLinux

Linux

Kuyedza kwakasiyana siyana kwakaitwa kusimudzira Iyo kodhi ye WireGuard mukati meLinux, asi ivo havana kubudirira nekuda kwekusunga kwavo kwavo kuita kwecryptographic mabasa, ayo aishandiswa kuwedzera kugadzirwa.

Aya mashandiro akatanga akurudzirwa kune kernel seyezve yakaderera-chikamu API, iyo inogona pakupedzisira kutsiva yakajairwa Crypto API.

Mushure mekutaurirana kumusangano weKernel Recipes, ivo vagadziri veWireGuard munaGunyana vakaita sarudzo yekubvumirana yekuchinja zvigamba zvavo kushandisa iyo Crypto yepakati API, yevagadziri veWireGuard vane zvichemo maererano nekuita uye chengetedzo yakajairika.

Kwakatemwa kuti iyo API yaizoenderera ichikudziridza, asi seyakasiyana chirongwa.

Gare gare munaNovember, ivo vanogadzira kernel vakaita kuzvipira uye vakatenderana kuendesa imwe yekodhi kune kernel huru. Muchokwadi, zvimwe zvinongedzo zvichaendeswa kune kernel, asi kwete seyakaganhurirwa API, asi sechikamu cheiyo Crypto API subsystem.

Semuenzaniso, Crypto API yatove inosanganisira yekumhanyisa kuitisa yakagadzirirwa naWayguard yeChaCha20 uye Poly1305 algorithms.

Nezve iyo inotevera WireGuard chikamu mukati, iye muvambi weprojekiti akazivisa kugadziriswa kwenzvimbo yekuchengetedza. Kuti zvive nyore kusimudzira, iyo monolithic "WireGuard.git" repository, iyo yakagadzirirwa kurarama kwakasiyana, ichatsiviwa nematatu matatu akapatsanurwa ayo akakodzera kwazvo kuronga kodhi basa mune huru kernel:

  • washington-linux.git - Iyo yakazara kernel muti ine shanduko kubva kune iyo Wireguard chirongwa, zvigamba zvacho zvinozoongororwa kuti zvibatanidzwe mukernel uye zvinowanzoendeswa kumambure / mambure-anotevera matavi.
  • neworleanscomber.git- Iyo yekuchengetedza yezvishandiso uye zvinyorwa zvinomhanya munzvimbo yemushandisi, senge wg uye wg-inokurumidza. Iyo yekuchengetera inogona kushandiswa kugadzira mapakeji ekugovera.
  • wireguard-linux-Compat:  repository ine module module, inopihwa zvakasiyana kubva kune kernel uye inosanganisira iyo compat.h rukoko kuve nechokwadi chekuenderana neyekare tsanga. Iko kusimudzira kukuru kuchaitika muwairesi-linux.git repository, asi kusvika pari zvino vashandisi vawana mukana uye kudiwa kwehumwe vhezheni yezvimedu zvichatsigirwawo mune fomu rekushanda.

Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako