Bayan 'yan sa'o'i bayan ƙaddamar da sabon sigar Linux Kernel 5.6 da aka gabatar, wanda ya haɗa da aiwatar da WireGuard VPN (zaku iya bincika canje-canje da labarai na wannan sabon salo anan) nasu masu ci gaba sun saki sakin gagarumin ƙaddamar da WireGuard VPN 1.0.0 mai alamar isar da kayan aikin WireGuard.
Tunda ana haɓaka WireGuard a kan babban kwafin Linux, an shirya ma'ajiyar waya-Linux-komput.git don rarrabawa da masu amfani waɗanda ke ci gaba da jigilar tsofaffin nau'ikan kwaya.
Game da WireGuard VPN
Ana aiwatar da WireGuard VPN ne ta hanyar hanyoyin boye-boye na zamanis, yana ba da aiki mai girma, yana da sauƙin amfani, ba tare da matsala ba, kuma an tabbatar da shi a cikin manyan abubuwan da aka tura da ke ɗaukar yawancin zirga-zirga. An haɓaka aikin tun shekara ta 2015, ya wuce tantancewa na yau da kullun da kuma tabbatar da hanyoyin ɓoyayyen bayanan da aka yi amfani da su.
An riga an haɗa tallafin WireGuard cikin NetworkManager da tsarin kuma an sanya facin kernel a cikin rarrabawar tushe na Debian Unstable, Mageia, Alpine, Arch, Gentoo, OpenWrt, NixOS, Subgraph, da ALT.
WireGuard yana amfani da ma'anar hanyar sarrafa mabuɗin ɓoyewa, wanda ya haɗa da ɗaure maɓallin keɓaɓɓe ga kowane hanyar sadarwa da amfani da shi don ɗaura mabuɗan jama'a. Musayar maɓallan jama'a don kafa haɗin haɗi ana yin ta kwatankwacin SSH.
Don tattauna maɓallan da haɗawa ba tare da fara daemon daban a sararin mai amfani ba, ana amfani da hanyar Noise_IK na Noise Protocol Framework, kama da ajiye maɓallan izini a cikin SSH. Ana watsa bayanai ta hanyar encapsulation a cikin fakiti na UDP. ZUWAbari mu canza adireshin IP na uwar garken VPN (yawo) ba tare da katse haɗin ba tare da sake tsara fasalin abokin ciniki na atomatik.
Don ɓoyewa, Ana amfani da ɓoyayyen ɓoye na ChaCha20 da Poly1305 ingantaccen saƙon algorithm (MAC) wanda Daniel J. Bernstein, Tanja Lange, da Peter Schwabe suka kirkira. ChaCha20 da Poly1305 an sanya su a matsayin azaman analog masu sauri da aminci na AES-256-CTR da HMAC, wanda aiwatar da software ya ba da damar cimma tsayayyen lokacin aiwatarwa ba tare da haɗawa da tallafi na kayan aiki na musamman ba.
Don samar da maɓallin sirrin da aka raba, ana amfani da yarjejeniyar Diffie-Hellman akan masu lankwasuwa a cikin aiwatar da Curve25519, wanda kuma Daniel Bernstein ya gabatar. Don zanta, ana amfani da BLAKE2s algorithm (RFC7693).
Waɗanne canje-canje aka haɗa a cikin WireGuard VPN 1.0.0?
Lambar da aka haɗa a cikin kernel na Linux an bincika ta na ƙarin tsaro, wanda wani kamfani mai zaman kansa keɓaɓɓe a cikin waɗannan sarrafawar ke aiwatarwa. Binciken bai bayyana wata matsala ba.
Wurin ajiyar da aka shirya ya haɗa da lambar WireGuard tare da tallafi da kwantan kwali.h don tabbatar dacewa tare da tsofaffin kernels. An lura cewa yayin da akwai dama ga masu haɓakawa da buƙata ga masu amfani, za a adana nau'ikan faci na faci a cikin sigar aiki.
A halin yanzu, Ana iya amfani da WireGuard tare da Ubuntu 20.04 da Debian 10 "Buster" kernels kuma ana samun sa a matsayin kayan kwalliyar Linux 5.4 da 5.5. Rarrabawa ta amfani da sabbin kernel, irin su Arch, Gentoo, da Fedora 32, zasu iya amfani da WireGuard tare da sabunta kernel 5.6.
Babban aikin ci gaba yanzu yana gudana a cikin ajiyar wayaguard-linux.git, wanda ya hada da cikakken kernel na Linux tare da canje-canje daga aikin Wireguard.
Za a sake yin duban facin da ke wannan ma'ajiyar don shigar da su a cikin babban kwaya kuma za a riƙa sauyawa a kai a kai zuwa ga rassa / raga-na gaba.
Developmentaddamar da abubuwan amfani da rubutun da ke gudana a sararin mai amfani, kamar wg da wg-sauri, ana faruwa a cikin wurin ajiyar kayan waya-tool.git, wanda za'a iya amfani dashi don ƙirƙirar fakitoci a cikin rarrabawa.
Hakanan, ba za a buƙaci ƙarin ci gaba na ƙirar ƙirar ƙirar kwaya mai ƙarfi ba duk da cewa WireGuard zai ci gaba da aiki azaman ɗakunan kernel mai ɗaukar nauyi.
Finalmente idan kuna sha'awar ƙarin sani game da shi game da wannan sabon sigar, zaku iya tuntuɓar maganar masu haɓaka ta A cikin mahaɗin mai zuwa.