Package: distro-info-data Description-md5: f7fe06a2e0396bbe8c1c7abad056bf48 Description-en: information about the distributions' releases (data files) Information about all releases of Debian and Ubuntu. The distro-info script will give you the codename for e.g. the latest stable release of your distribution. To get information about a specific distribution there are the debian-distro-info and the ubuntu-distro-info scripts. . This package contains the data files. Package: libcharon-extauth-plugins Description-md5: fc3eaf87c658452c4f81b8064e552e6c Description-en: strongSwan charon library (extended authentication plugins) The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols. . This package provides extended authentication plugins for the charon library: - eap-mschapv2 (EAP-MSCHAPv2 protocol handler using passwords/NT hashes) Used for client side to connect to some VPN concentrators configured for Windows 7+ and modern OSX/iOS using IKEv2 (identify with public key, authenticate with MSCHAPv2). - xauth-generic (Generic XAuth backend that provides passwords from ipsec.secrets and other credential sets) Used for the client side to connect to VPN concentrators configured for Android and older OSX/iOS using IKEv1 and XAUTH (identify with public key, authenticate with XAUTH password). . These are the "not always, but still more commonly used" plugins, for further needs even more plugins can be found in the package libcharon-extra-plugins. Package: libstrongswan Description-md5: 397c7109a71b78fc4d9cd32308d472df Description-en: strongSwan utility and crypto library The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols. . This package provides the underlying libraries of charon and other strongSwan components. It is built in a modular way and is extendable through various plugins. . Some default (as specified by the strongSwan projet) plugins are included. For libstrongswan (cryptographic backends, URI fetchers and database layers): - aes (AES-128/192/256 cipher software implementation) - constraints (X.509 certificate advanced constraint checking) - dnskey (Parse RFC 4034 public keys) - drbg (NIST SP-800-90A Deterministic Random Bit Generator) - fips-prf (PRF specified by FIPS, used by EAP-SIM/AKA algorithms) - gmp (RSA/DH crypto backend based on libgmp) - hmac (HMAC wrapper using various hashers) - md5 (MD5 hasher software implementation) - mgf1 (Mask Generation Functions based on the SHA-1, SHA-256 and SHA-512) - nonce (Default nonce generation plugin) - pem (PEM encoding/decoding routines) - pgp (PGP encoding/decoding routines) - pkcs1 (PKCS#1 encoding/decoding routines) - pkcs8 (PKCS#8 decoding routines) - pkcs12 (PKCS#12 decoding routines) - pubkey (Wrapper to handle raw public keys as trusted certificates) - random (RNG reading from /dev/[u]random) - rc2 (RC2 cipher software implementation) - revocation (X.509 CRL/OCSP revocation checking) - sha1 (SHA1 hasher software implementation) - sha2 (SHA256/SHA384/SHA512 hasher software implementation) - sshkey (SSH key decoding routines) - x509 (Advanced X.509 plugin for parsing/generating X.509 certificates/CRLs and OCSP messages) - xcbc (XCBC wrapper using various ciphers) - attr (Provides IKE attributes configured in strongswan.conf) - kernel-netlink [linux] (IPsec/Networking kernel interface using Linux Netlink) - kernel-pfkey [kfreebsd] (IPsec kernel interface using PF_KEY) - kernel-pfroute [kfreebsd] (Networking kernel interface using PF_ROUTE) - resolve (Writes name servers received via IKE to a resolv.conf file or installs them via resolvconf(8)) Package: libstrongswan-standard-plugins Description-md5: 84424f5380a28b65d960aa52e6f242ea Description-en: strongSwan utility and crypto library (standard plugins) The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols. . This package provides some common plugins for the strongSwan utility and cryptograhic library. . Included plugins are: - agent (RSA/ECDSA private key backend connecting to SSH-Agent) - gcm (GCM cipher mode wrapper) - openssl (Crypto backend based on OpenSSL, provides RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG) Package: strongswan Description-md5: 60d8ad9f14179591b0cca394e94e3d4b Description-en: IPsec VPN solution metapackage The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols. . This metapackage installs the packages required to maintain IKEv1 and IKEv2 connections via ipsec.conf or ipsec.secrets. Package: strongswan-charon Description-md5: 3f55915d17f7e36d9b31e2c4da5c11d2 Description-en: strongSwan Internet Key Exchange daemon The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols. . charon is an IPsec IKEv2 daemon which can act as an initiator or a responder. It is written from scratch using a fully multi-threaded design and a modular architecture. Various plugins can provide additional functionality. Package: strongswan-libcharon Description-md5: 7ee8a1dbaf495a152a7f4be5e054abca Description-en: strongSwan charon library The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols. . This package contains the charon library, used by IKE client like strongswan-charon, strongswan-charon-cmd or strongswan-nm as well as standard plugins: - socket-default - counters - bypass-lan (disabled by default) . On Linux, it also contains the xfrmi binary which can be used on Linux 4.19+ to create XFRM interfaces (for more information, see https://wiki.strongswan.org/projects/strongswan/wiki/RouteBasedVPN) Package: strongswan-starter Description-md5: b25b8defb52457fc021a93ec427b9da8 Description-en: strongSwan daemon starter and configuration file parser The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols. . The starter and the associated "ipsec" script control the charon daemon from the command line. It parses ipsec.conf and loads the configurations to the daemon.