WireGuard

WireGuard is an application used to create secure point-to-point, site-to-point and site-to-site connections utilizing VPN technology. It is considered an alternative to OpenVPN and aims to be fast, simple and lean.

Wireguard is written and maintained by, a Gentoo developer.

Official and potentially more up-to-date installation instructions can be found upstream.

Kernels less than 5.6
Linux kernels less than 5.6 (<=5.5) did not include Wireguard as a feature in the upstream kernel code. Adding Wireguard support to these (older) kernels is possible via additional modules emerged below.

Attempting to add WireGuard support without having a few specific kernel symbols enabled will cause the emerge to fail. A few of the symbols are dependencies and can only be set by setting other options. Perform the necessary work to have the following symbols enabled before moving on to the next section:


 * CONFIG_NET - For basic networking support.
 * CONFIG_INET - For basic IP support.
 * CONFIG_NET_UDP_TUNNEL - For sending and receiving UDP packets.
 * CONFIG_NF_CONNTRACK - For determining the source address when constructing ICMP packets.
 * CONFIG_NETFILTER_XT_MATCH_HASHLIMIT - For ratelimiting when under DoS attacks.
 * CONFIG_IP6_NF_IPTABLES - Only if using CONFIG_IPV6 for ratelimiting when under DoS attacks.
 * CONFIG_CRYPTO_BLKCIPHER - For doing scatter-gather I/O.
 * CONFIG_PADATA - For parallel crypto (only available on multi-core machines).

Kernel 5.6 and higher
Starting with kernel 5.6, Wireguard is included in the upstream kernel sources. It is enabled via the following menuconfig option:

Emerge
Install the wireguard-tools package to generate encryption keys and manage Wireguard interfaces:

Less than 5.6
For Linux kernels less than 5.6 also install the modules:

Generate a keypair
Before using WireGuard a keypair has to be generated. This can be accomplished using :

Quick configuration
Configuration can be automated using the utility, which will create tunnels using configuration files in the  file.

For more information on consult.