Eh...
Hope this doesn't lead to an emergency kernel update later.
The WireGuard VPN protocol, which is smaller, faster and easier to configure than IPsec, has been merged into Linus Torvalds' git repository for version 5.6 of the Linux kernel, the next release. There is no set date for Linux kernel releases. Version 5.5 was released on 26 January 2020 and there is typically a couple of …
This post has been deleted by its author
This post has been deleted by its author
You can't make a link because you're trying to use BBCode, and, I quote, "HTML is the open standard of the web. Deal with it, bitches."
From the article: WireGuard is small and intended to be a VPN component rather than a complete solution, a fact that has led to some misunderstandings about its capability. Users will generally interact with VPN applications that support WireGuard.
I wonder why.
From the headline: Indie VPN WireGuard gets the Torvalds seal of approval
Yup, we're all "terrorists" now, hacking the planet from behind the Iron curtain of encrypted tunnels, spreading our subversive agenda.
Allegedly.
It wasn't that long ago that using a VPN, or even knowing about the existence of such a thing, lay exclusively within the realm of geeks, nae Übergeeks. Well OK, and remote office workers. In fact I'm pretty sure I recall mutterings to the effect that VPN and all forms of encryption were on the verge of being criminalized ... any day now.
Now it's virtually impossible to even watch a YouTube video without being spammed by one VPN slinger or another. Everybody's doing it, it seems.
I guess that whole Snoopers' Charter, warrantless mass surveillance, anti-piracy, anti-terrorism thing seriously backfired. Rather than putting a lid on it, it had the exact opposite effect, and now everyone and their pooch is digging tunnels under Big Brother's house.
Finally something to smile about.
"Yup, we're all "terrorists" now, hacking the planet from behind the Iron curtain of encrypted tunnels, spreading our subversive agenda."
Or at least that was the opinion of a certain former U.S. FBI director, anyway.
He printed up posters to be placed in Internet cafes and the like with a call to react thusly: (paraphrased, but not much) "If you see a person using VPN or Tor, please report it."
What was to be done with the "evil hacker", once discovered, wasn't clear. Asked a lot of questions, I imagine.
Any chance this simplicity and kernel integration will get IPv6 over VPN working? It's such a hot mess right now that most clients try to disable the IPv6 stack. That's fine if you're starting from an old IPv4-only network but it confuses apps if you activate VPN while already using IPv6.
A quick browse of the site doesn't suggest that it is any way limited to IPv4 - nor does it seem inherently tied to v4...
And the fist IPv6 mention in their white paper:
"Similarly opinionated, WireGuard is layer 3-only; as explained below in section 2, this is the cleanest approach for ensuring authenticity and attributability of the packets. The authors believe that layer 3 is the correct way for bridging multiple IP networks, and the imposition of this onto WireGuard allows for many simplifications, resulting in a cleaner and more easily implemented protocol. It supports layer 3 for both IPv4 and IPv6, and can encapsulate v4-in-v6 as well as v6-in-v4."