DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 7th February 2017
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 563
Default WireGuard: replacement for IPsec

Quote:
WireGuard is a next generation VPN protocol, which lives in the Linux kernel, and uses state of the art cryptography. One of the most exciting recent crypto-networking developments, WireGuard aims to drastically simplify secure tunneling.
https://fosdem.org/2017/schedule/event/wireguard/
Slides in PDF
Video in h.264
Video in VP8
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
  #2   (View Single Post)  
Old 4th May 2020
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 563
Default

I am more than a month late with this news, but this belongs here anyway.
WireGuard VPN makes it to 1.0.0—and into the next Linux kernel
Quote:
We've been anticipating WireGuard's inclusion into the mainline Linux kernel for quite some time—but as of Sunday afternoon, it's official. Linus Torvalds released the Linux 5.6 kernel, which includes (among other things) an in-tree WireGuard.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
  #3   (View Single Post)  
Old 19th May 2020
ibara's Avatar
ibara ibara is offline
Brought VNs to OpenBSD
 
Join Date: Jan 2014
Posts: 728
Default

The effort is underway to get WireGuard in OpenBSD: https://marc.info/?l=openbsd-tech&m=158926407905492&w=2

But if you can't wait that long, there is a userland implementation called WireSep which is available in ports: https://netsend.nl/wiresep
Reply With Quote
  #4   (View Single Post)  
Old 1 Week Ago
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 563
Default

https://lists.zx2c4.com/pipermail/wi...ne/005588.html
Quote:
Originally Posted by Jason A. Donenfeld
Hey everyone,

I'm happy to announce that WireGuard has been merged into the OpenBSD
kernel, with integration into userland as well.

https://marc.info/?l=openbsd-cvs&m=159274150512676&w=2
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
  #5   (View Single Post)  
Old 1 Week Ago
ibara's Avatar
ibara ibara is offline
Brought VNs to OpenBSD
 
Join Date: Jan 2014
Posts: 728
Default

https://marc.info/?l=openbsd-cvs&m=159295575721928&w=2
Reply With Quote
  #6   (View Single Post)  
Old 1 Week Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,025
Default

I was playing with wg(4) yesterday. As VPN tech goes, this is thing is simple and easy to provision and use.
Reply With Quote
  #7   (View Single Post)  
Old 1 Week Ago
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 916
Default

Or one could use one of these.

Reply With Quote
  #8   (View Single Post)  
Old 1 Week Ago
fvgit's Avatar
fvgit fvgit is offline
Spikes in tights
 
Join Date: May 2016
Location: perl -MMIME::Base64 -le 'print decode_base64("U2hlcndvb2QgRm9yZXN0")'
Posts: 237
Default

Quote:
Originally Posted by jggimi View Post
I was playing with wg(4) yesterday. As VPN tech goes, this is thing is simple and easy to provision and use.
Do you still need the userland tools from net/wireguard-tools?
Reply With Quote
  #9   (View Single Post)  
Old 1 Week Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,025
Default

They are optional. See the EXAMPLES section of the wg(4) man page for using ifconfig(8) alone.
Reply With Quote
Old 4 Days Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,025
Default

Both ipv4 and ipv6 work well for me, and either can be tunneled over either. So testing is over. I'm now using it in (personal) production, with a dual-stack implementation running on an OpenBSD VPS, for my smartphone. At the moment I have two Android apps on the exclusion list so they can access devices on the home WiFi network.
Reply With Quote
Reply

Tags
ipsec, vpn

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Replacement for Hsetroot? cats OpenBSD Packages and Ports 2 1 Week Ago 08:01 PM
Remote Replacement of OS mwatkins FreeBSD Installation and Upgrading 4 5th April 2009 04:01 AM
Trisentry replacement? neurosis FreeBSD Security 0 10th December 2008 04:09 PM
MB + CPU replacement mururoa FreeBSD General 10 21st November 2008 08:21 PM
Replacement for Mail? Bruco FreeBSD Ports and Packages 9 14th June 2008 05:15 PM


All times are GMT. The time now is 06:34 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick