WireGuard is an open-source implementation of secure virtual private network (VPN) protocol. Existing VPN deployments are largely divided into two groups: in-kernel IPsec for its performance, and userspace OpenVPN for user-friendly configuration. WireGuard is designed to combine the best of the two worlds by offering in-kernel datapath and simplistic configuration interface. In addition, its minimal codebase can easily beat existing open-source VPN implementations in terms of vulnerability assessment and auditability. WireGuard allows network endpoints to be interconnected via secure UDP tunnels in a peer-to-peer fashion, which support both routed and bridged modes. WireGuard VPN protocol uses state-of-the-art proven cryptography, such as ChaCha20 for encryption, Curve25519 for key exchange, and Poly1305 for authentication. WireGuard kernel module has been integrated into the mainline Linux kernel since 5.6, and its userland configuration tools have been incorporated in base repositories of all modern Linux distributions.
This page presents a series of WireGuard VPN tutorials covering WireGuard server-/client-side installation and configuration in various Linux VPS or desktop environments.