For several years, developers have been working on WireGuard VPN for Linux and now it is finally ready to arrive on the platform.
Linus Torvalds, the creator of Linux himself praised the new in-kernel Linux VPN, calling it a “work of art” in comparison to other VPNs such as OpenVPN and IPSec (referring to them as horrors).
What makes WireGuard VPN for Linux so good?
WireGuard is a layer 3 secure VPN — a type of VPN mode that is built and delivered on OSI layer 3 networking technologies. Unlike other VPNs, WireGuard’s code is much cleaner and simpler which results in a fast and easy-to-use virtual private network.
This VPN securely encapsulates IP packets over UDP. The authentication and interface design of WireGuard for Linux has more to do with Secure Shell (SSH) than other VPNs. You’d just have to configure the WireGuard interface with a private key and other party’s public keys to establish a secure connection.
Reinventing the cryptographic subsystem
Even though WireGuard VPN was initiated as a Linux project, its Windows, macOS, BSD, iOS, and Android versions are already available.
The reason behind the delay was WireGuard’s principal designer, Jason Donenfeld. He disliked Linux’s built-in cryptographic subsystem citing its API is too complex and difficult.
Donenfeld had his own plan to introduce a new cryptographic subsystem — his own Zinc library. However, this didn’t go down well with several developers as they thought that rewriting the cryptographic subsystem was a waste of time.
Fortunately for Donenfeld, Linus Torvalds was on his side.
Torvalds stated, “I’m 1000% with Jason on this. The crypto/ model is hard to use, inefficient, and completely pointless when you know what your cipher or hash algorithm is, and your CPU just does it well directly.”
WireGuard VPN For Linux Is The Future
After its arrival, WireGuard VPN can be expected to become the new standard for Linux VPNs with its key features, namely, tiny code-size, high-speed cryptographic primitives, and in-kernel design.
Apart from being super fast, WireGuard for Linux would be secure too as it supports state-of-the-art cryptography technologies such as the Noise protocol framework, Curve25519, BLAKE2, SipHash24, ChaCha20, Poly1305, and HKD.
So When Is WireGuard VPN For Linux Arriving?
WireGuard has already been committed to the mainline Linux kernel. So, we can expect a built-in WireGuard VPN for Linux to arrive in early 2020, most probably with a Linux kernel 5.6 release candidate. However, normal day-to-day Linux users might not get to see the in-kernel WireGuard until late 2020.
One of the fast-moving mainstream distros, Ubuntu, will get its next Long Term Support (LTS) release in April 2020. But Linux 5.6 kernel and Ubuntu 20.04 would most likely be in release candidate status at the same time, so the chances of WireGuard’s inclusion in Ubuntu 20.04 seem unlikely.
Instead, we can look forward to the interim 20.10 Ubuntu release for the same. As far as Red Hat Enterprise Linux (RHEL) inclusion is considered, it will take more than a year.