Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services. These services allow you
to build secure tunnels through untrusted networks. Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel. The resulting
tunnel is a virtual private network or VPN.
This package contains the daemons and userland tools for setting up
Libreswan.
Libreswan also supports IKEv2 (RFC7296) and Secure Labeling
Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04
Version: 4.14
File Formats | |
| ipsec.conf | IPsec configuration and connections |
| ipsec.secrets | secrets for IKE/IPsec authentication |
System Administration | |
| ipsec | invoke IPsec utilities |
| ipsec__import_crl | helper program for importing a crl to the NSS database |
| ipsec__plutorun | internal script to (re)start pluto on old SYSV initscript systems |
| ipsec__secretcensor | internal routing to sanitize files |
| ipsec__stackmanager | internal script to bring up kernel components for Libreswan |
| ipsec__unbound-hook | Opportunistic IPsec DNS unbound hook script |
| ipsec__updown | kernel and routing manipulation script |
| ipsec__updown.xfrm | klips manipulation script |
| ipsec_addconn | load a given policy into the pluto IKE daemon |
| ipsec_auto | control automatically-keyed IPsec connections |
| ipsec_barf | spew out collected IPsec debugging information |
| ipsec_checknss | Initialise the IPsec NSS database |
| ipsec_ecdsasigkey | generate ECDSA signature key |
| ipsec_import | Import PKCS#12 (*.p12) files into the IPsec NSS database |
| ipsec_initnss | Initialise the IPsec NSS database |
| ipsec_letsencrypt | invoke Opportunistic Encryption utilities |
| ipsec_look | get a quick summary of Libreswan status |
| ipsec_newhostkey | generate a new raw RSA authentication key for a host |
| ipsec_pluto | ipsec whack : IPsec IKE keying daemon and control interface |
| ipsec_readwriteconf | validate and output an Libreswan IPsec configuration file |
| ipsec_rsasigkey | generate RSA signature key |
| ipsec_setup | wrapper routine to the Libreswan init system |
| ipsec_show | see if a target IP address would get encrypted or not |
| ipsec_showhostkey | show host's authentication key |
| ipsec_showroute | show route to given address |
| ipsec_vendorid | list Vendor IDs known to libreswan |
| ipsec_verify | see if the IPsec subsystem has been installed correctly |
| ipsec_whack | alias for ipsec_pluto |
| pluto | alias for ipsec_pluto |