Language Selection

English French German Italian Portuguese Spanish

WireGuard 1.0.0 for Linux 5.6 Released

Filed under
Linux
Security

Hi folks,

Earlier this evening, Linus released [1] Linus 5.6, which contains our
first release of WireGuard. This is quite exciting. It means that
kernels from here on out will have WireGuard built-in by default. And
for those of you who were scared away prior by the "dOnT uSe tHiS
k0de!!1!" warnings everywhere, you now have something more stable to
work with.

The last several weeks of 5.6 development and stabilization have been
exciting, with our codebase undergoing a quick security audit [3], and
some real headway in terms of getting into distributions.

We'll also continue to maintain our wireguard-linux-compat [2]
backports repo for older kernels. On the backports front, WireGuard
was backported to Ubuntu 20.04 (via wireguard-linux-compat) [4] and
Debian Buster (via a real backport to 5.5.y) [5]. I'm also maintaining
real backports, not via the compat layer, to 5.4.y [6] and 5.5.y [7],
and we'll see where those wind up; 5.4.y is an LTS release.

Meanwhile, the usual up-to-date distributions like Arch, Gentoo, and
Fedora 32 will be getting WireGuard automatically by virtue of having
5.6, and I expect these to increase in number over time.

Enjoy!
Jason

Read more

Also: WireGuard 1.0.0 Christened As A Modern Secure VPN Alternative To OpenVPN/IPsec

WireGuard VPN makes it to 1.0.0—and into the next Linux kernel

  • WireGuard VPN makes it to 1.0.0—and into the next Linux kernel

    We've been anticipating WireGuard's inclusion into the mainline Linux kernel for quite some time—but as of Sunday afternoon, it's official. Linus Torvalds released the Linux 5.6 kernel, which includes (among other things) an in-tree WireGuard. Phoronix has a great short list of the most interesting new features in the 5.6 kernel, as well as a longer "everything list" for those who want to make sure they don't miss anything.

Linux's WireGuard VPN is here and ready to protect you

  • Linux's WireGuard VPN is here and ready to protect you

    Linus Torvalds has released the newest version of the Linux 5.6. It includes many new and neat features like USB4 support, a fix for the 32-bit Epoch problem, multi-path TCP, and numerous driver patches. The biggest news of all s that Linux now has the popular open-source Virtual Private Network (VPN) WireGuard baked in.

    WireGuard is a radical new approach to VPNs. With its minimal codebase -- about 4,000 lines of code -- it's much easier to debug and secure than its rivals such as OpenVPN with its over 100,000 lines.

    Torvalds himself loves WireGuard for its simplicity. Long before he incorporated WireGuard into Linux, Tovalids said "Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art."

Anthony Spadafora on WireGuard

  • WireGuard VPN added to Linux 5.6

    Linux users now have another choice when it comes to protecting themselves online as WireGuard VPN has been added to the Linux kernel in version 5.6.

    Up until now, the fast and flexible VPN, which was designed specifically for Linux implementations, was only available as a third-party addition. However, WireGuard VPN is now available by default with release of Linux 5.6.

    In an announcement, president and security researcher at Edge Security, Jason Donenfeld explained that future Linux kernels will have WireGuard built-in by default, saying...

EnterpriseNetworkingPlanet and Google

  • Linux 5.6 Debuts with Wireguard Secure VPN for Remote Networking

    On March 29, Linux creator Linus Torvalds released the Linux 5.6 kernel providing a long list of new features. Of particular note for networking professionals is the inclusion of WireGuard Virtual Private Network (VPN) open source technology. Work to include WireGuard directly into Linux has been ongoing since March 2019 though WireGuard development itself has been ongoing since 2015.

    At its core, WireGuard is a secure network tunnel written especially for Linux, and optimized for performance and ease of configuration.

    "It has been designed with the primary goal of being both easy to audit by virtue of being small and highly secure from a cryptography and systems security perspective," WireGuard creator Jason Donenfeld wrote in a Linux Kernel Mailing List (LKML) commit message.

    Even before WireGuard was directly integrated into Linux, it had been available in what is known as an out-of-tree module, as wall as userspace tools. By being directly integrated into Linux, WireGuard is now however even more accessible to a wider user community. In contrast with other options for VPN, WireGuard provides a very small attack surface for any potential attacker.

  • It's Looking Like Android Could Be Embracing WireGuard - "A Sane VPN"

    Following the release of Linux 5.6 and WireGuard 1.0 declared, Google has now enabled WireGuard within their Android open-source Linux kernel build.

    Android's Generic Kernel Image (GKI) now has the WireGuard support enabled as a built-in option as of yesterday. In the Git commit enabling it, Google's Greg Kroah-Hartman commented, "Add native kernel support for a sane VPN."

    The upstream WireGuard project has long offered an Android port available from the Play Store as a user-space implementation while it's promising that Google is now enabling the WireGuard support as part of the GKI kernel for Android. WireGuard was upstreamed in Linux 5.6 after years of development and working out the encryption kernel changes that previously held up its integration.

WireGuard VPN Gets Added to the Next Linux Kernel

  • WireGuard VPN Gets Added to the Next Linux Kernel

    I briefly mentioned WireGuard when I wrote of Cloudflare’s WARP beta. I think it’s something to add to your technology watch lists. It’s just not any old VPN app, it’s a VPN protocol that could very well replace current protocols like IPsec and OpenVPN, or at least be offered as an alternative.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Python Programming

  • The PEPs of Python 3.9

    With the release of Python 3.9.0b1, the first of four planned betas for the development cycle, Python 3.9 is now feature-complete. There is still plenty to do in terms of testing and stabilization before the October final release. The release announcement lists a half-dozen Python Enhancement Proposals (PEPs) that were accepted for 3.9. We have looked at some of those PEPs along the way; there are some updates on those. It seems like a good time to fill in some of the gaps on what will be coming in Python 3.9

  • How to Write an Installable Django App

    In the Django framework, a project refers to the collection of configuration files and code for a particular website. Django groups business logic into what it calls apps, which are the modules of the Django framework. There’s plenty of documentation on how to structure your projects and the apps within them, but when it comes time to package an installable Django app, information is harder to find. In this tutorial, you’ll learn how to take an app out of a Django project and package it so that it’s installable. Once you’ve packaged your app, you can share it on PyPI so that others can fetch it through pip install.

  • Pros and Cons of Python: A Definitive Python Web Development Guide

    Python is a powerful programming language for mobile and web development projects. It is also the most popular programming language for AI in 2020. RedI Python development’s use cases in scientific computing, statistics, and education make it one of the highly preferred programming languages for Python programmers. The open-source programming language launched in 1992 is now on the verge of becoming the most popular and used programming language. Due to the rise in demand for AI and ML applications, Python web programming is now the first thing that comes to mind for coding such applications. But is Python for web development even worth it? It definitely is. Some of the top companies use Python web programming in their technology stack.

Fedora 32 Elections

mesa 20.1.0

Hi all,

I'd like to announce Mesa 20.1.0, the first release for the 20.1 branch.

Being the first release of this new branch, there can be issues that
will be discovered now that the new code will be widely used, so you may
want to stay on the 20.0.x releases until the 20.1.1 release, scheduled
for 14 days from now on 2020-06-10.

One already known issue that I want to point out is that Unreal Engine 4
has a bug in its usage of glDrawRangeElements() causing it to be
called with a number of vertices in place of the `end` parameter,
that was recently revealed. This is an annoying bug that we haven't
worked around yet. For more details:
https://gitlab.freedesktop.org/mesa/mesa/-/issues/2917

Eric

---

Andrii Simiklit (1):
      i965/vec4: Ignore swizzle of VGRF for use by var_range_end()

Bas Nieuwenhuizen (4):
      radv/winsys:  Remove extra sizeof multiply.
      radv: Handle failing to create .cache dir.
      radv: Do not close fd -1 when NULL-winsys creation fails.
      radv: Implement vkGetSwapchainGrallocUsage2ANDROID.

D Scott Phillips (1):
      anv/gen11+: Disable object level preemption

Danylo Piliaiev (3):
      meson: Disable GCC's dead store elimination for memory zeroing custom new
      mesa: Fix double-lock of Shared->FrameBuffers and usage of wrong mutex
      intel/fs: Work around dual-source blending hangs in combination with SIMD16

Dave Airlie (1):
      llvmpipe: compute shaders work better with all the threads.

Eric Engestrom (4):
      .pick_status.json: Update to a91306677c613ba7511b764b3decc9db42b24de1
      tree-wide: fix deprecated GitLab URLs
      docs: Add release notes for 20.1.0
      VERSION: bump to 20.1.0 release

Erik Faye-Lund (1):
      zink: use general-layout when blitting to/from same resource

Gert Wollny (1):
      r600: Fix duplicated subexpression in r600_asm.c

Hanno Böck (1):
      Properly check mmap return value

Icecream95 (1):
      panfrost: Fix background showing when using discard

Jason Ekstrand (3):
      nir/lower_double_ops: Rework the if (progress) tree
      nir/opt_deref: Report progress if we remove a deref
      nir/copy_prop_vars: Record progress in more places

Kristian Høgsberg (1):
      freedreno: Use the right amount of &'s

Nataraj Deshpande (1):
      dri_util: Update internal_format to GL_RGB8 for MESA_FORMAT_R8G8B8X8_UNORM

Pierre-Eric Pelloux-Prayer (1):
      amd/addrlib: fix forgotten char -> enum conversions

Rhys Perry (1):
      nir: fix lowering to scratch with boolean access

Rob Clark (1):
      freedreno: clear last_fence after resource tracking

Samuel Pitoiset (2):
      radv: handle different Vulkan API versions correctly
      radv: update the list of allowed Android extensions

Timothy Arceri (2):
      glsl: stop cascading errors if process_parameters() fails
      glsl: fix slow linking of uniforms in the nir linker

Vinson Lee (3):
      r600/sfn: Initialize VertexStageExportForGS m_num_clip_dist member variable.
      r600/sfn: Use correct setter method.
      freedreno: Add missing va_end.

git tag: mesa-20.1.0
Read more Also: Mesa 20.1 Released With Numerous Linux Graphics Driver Improvements

Android Mirroring App ‘Scrcpy’ Just Added a Bunch of New Features

If you read this blog regularly enough you’ll be familiar with scrcpy, an ace root-free way to mirror your Android smartphone on your Ubuntu desktop and interact with it. Scrcpy is free, it’s open source, it’s awesome. Oh yeah, and it’s updated regularly! Which is what this post is about: telling you what’s new and notable in the latest release, scrcpy 1.14 — so let’s get to it! Read more