Package strongswan

An OpenSource IPsec-based VPN and TNC solution

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
Linux kernel.

Version: 5.9.11

General Commands

strongswan_pki Simple public key infrastructure (PKI) management tool
strongswan_pki---acert Issue an attribute certificate
strongswan_pki---dn Extract the subject DN of an X.509 certificate
strongswan_pki---est Enroll an X.509 certificate with an EST server
strongswan_pki---estca Get CA certificate[s] from an EST server
strongswan_pki---gen Generate a new RSA or ECDSA private key
strongswan_pki---issue Issue a certificate using a CA certificate and key
strongswan_pki---keyid Calculate key identifiers of a key or certificate
strongswan_pki---pkcs7 Provides PKCS#7 wrap/unwrap functions
strongswan_pki---print Print a credential (key, certificate etc.) in human readable form
strongswan_pki---pub Extract a public key from a private key or certificate
strongswan_pki---req Create a PKCS#10 certificate request
strongswan_pki---scep Enroll an X.509 certificate with a SCEP server
strongswan_pki---scepca Get CA [and RA] certificate[s] from a SCEP server
strongswan_pki---self Create a self-signed certificate
strongswan_pki---signcrl Issue a Certificate Revocation List (CRL) using a CA certificate and key
strongswan_pki---verify Verify a certificate using a CA certificate
strongswan_pt-tls-client Simple client using PT-TLS to collect integrity information

File Formats

strongswan.conf strongSwan configuration file
strongswan_ipsec.conf IPsec configuration and connections
strongswan_ipsec.secrets secrets for IKE/IPsec authentication
strongswan_swanctl.conf swanctl configuration file

System Administration

strongswan invoke IPsec utilities
strongswan_charon-cmd Simple IKE client (IPsec VPN client)
strongswan_sec-updater Extracts security update information of Linux distributions
strongswan_sw-collector Extracts software installation events from dpkg history log
strongswan_swanctl strongSwan configuration, control and monitoring command line interface.