summaryrefslogtreecommitdiff
path: root/debian/control
blob: 3910ffedbf4743c48345860c9aedd3e6f61436c1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Source: strongswan
Section: net
Priority: optional
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Standards-Version: 3.7.2.1
Build-Depends: debhelper (>= 4.1.16), libgmp3-dev, libssl-dev (>= 0.9.8-1), libcurl3-dev | libcurl2-dev, libopensc2-dev | libopensc1-dev | libopensc0-dev, libldap2-dev, libpam0g-dev, libkrb5-dev, bison, flex, dpatch, bzip2, po-debconf, hardening-wrapper, network-manager-dev

Package: strongswan
Architecture: any
Pre-Depends: debconf | debconf-2.0
Depends: ${shlibs:Depends}, ${misc:Depends}, bsdmainutils, debianutils (>=1.7), ipsec-tools, openssl, host, iproute
Suggests: curl
Provides: ike-server
Conflicts: freeswan (<< 2.04-12), openswan
Replaces: openswan
Description: IPSec utilities for strongSwan
 IPSec is Internet Protocol SECurity. It uses strong cryptography to provide
 both authentication and encryption services. Authentication ensures that
 packets are from the right sender and have not been altered in transit.
 Encryption prevents unauthorised reading of packet contents.
 .
 This version of strongSwan supports Opportunistic Encryption (OE) out of the
 box. OE enables you to set up IPSec tunnels to a site without
 co-ordinating with the site administrator, and without hand
 configuring each tunnel. If enough sites support OE, a "FAX effect"
 occurs, and many of us can communicate without eavesdroppers. 
 .
 In addition to OE, you may manually configure secure tunnels through
 untrusted networks. Everything passing through the untrusted net is
 encrypted by the IPSec gateway machine and decrypted by the gateway
 at the other end. The result is Virtual Private Network or VPN. This
 is a network which is effectively private even though it includes
 machines at several different sites connected by the insecure Internet.
 .
 Please note that you will need a recent kernel (>=2.4.24 or 2.6.x)
 for using this package. The standard Debian kernel includes both IPSec
 and crypto support, patching the kernel is no longer necessary!
 .
 If you want to use the KLIPS IPSec code for kernel modules instead of the
 native ones, you will need to install either openswan-modules-source or
 linux-patch-openswan and build the respective modules for your kernel.