strongswan-charon - strongSwan Internet Key Exchange daemon

Property Value
Distribution Ubuntu 18.04 LTS (Bionic Beaver)
Repository Ubuntu Main amd64
Package name strongswan-charon
Package version 5.6.2
Package release 1ubuntu2
Package architecture amd64
Package type deb
Installed size 222 B
Download size 21.36 KB
Official Mirror
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
charon is an IPsec IKEv2 daemon which can act as an initiator or a responder.
It is written from scratch using a fully multi-threaded design and a modular
architecture. Various plugins can provide additional functionality.


Package Version Architecture Repository
strongswan-charon_5.6.2-1ubuntu2.4_amd64.deb 5.6.2 amd64 Ubuntu Updates Main
strongswan-charon_5.6.2-1ubuntu2.4_i386.deb 5.6.2 i386 Ubuntu Updates Main
strongswan-charon_5.6.2-1ubuntu2_i386.deb 5.6.2 i386 Ubuntu Main
strongswan-charon - - -


Name Value
debconf -
debconf-2.0 -
iproute -
iproute2 -
libc6 >= 2.4
libstrongswan = 5.6.2-1ubuntu2
strongswan-libcharon -
strongswan-starter -


Name Value
ike-server -


Type URL
Binary Package strongswan-charon_5.6.2-1ubuntu2_amd64.deb
Source Package strongswan

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install strongswan-charon deb package:
    # sudo apt-get install strongswan-charon




2018-03-20 - Christian Ehrhardt <>
strongswan (5.6.2-1ubuntu2) bionic; urgency=medium
* d/control: fix dependencies of strongswan-libcharon due to the move
the updown plugin.
2018-03-16 - Christian Ehrhardt <>
strongswan (5.6.2-1ubuntu1) bionic; urgency=medium
* Merge with Debian unstable (LP: #1753018). Remaining changes:
+ Clean up d/strongswan-starter.postinst: section about runlevel changes
+ Clean up d/strongswan-starter.postinst: Removed entire section on
opportunistic encryption disabling - this was never in strongSwan and
won't be see upstream issue #2160.
+ Ubuntu is not using the debconf triggered private key generation
- d/rules: Removed patching ipsec.conf on build (not using the
debconf-managed config.)
- d/ipsec.secrets.proto: Removed reference (was
used for debconf-managed include of private key).
+ Mass enablement of extra plugins and features to allow a user to use
strongswan for a variety of extra use cases without having to rebuild.
- d/control: Add required additional build-deps
- d/control: Mention addtionally enabled plugins
- d/rules: Enable features at configure stage
- d/libbstrongswan-extra-plugins.install: Add plugins (so, lib, conf)
- d/libstrongswan.install: Add plugins (so, conf)
+ d/strongswan-starter.install: Install pool feature, which is useful since
we have attr-sql plugin enabled as well using it.
+ Add plugin kernel-libipsec to allow the use of strongswan in containers
via this userspace implementation (please do note that this is still
considered experimental by upstream).
- d/libcharon-extra-plugins.install: Add kernel-libipsec components
- d/control: List kernel-libipsec plugin at extra plugins description
- d/p/dont-load-kernel-libipsec-plugin-by-default.patch: As
upstream recommends to not load kernel-libipsec by default.
+ Relocate tnc plugin
- debian/libcharon-extra-plugins.install: Drop tnc from extra plugins
- Add new subpackage for TNC in d/strongswan-tnc-* and d/control
+ d/libstrongswan.install: Reorder conf and .so alphabetically
+ d/libstrongswan.install: Add kernel-netlink configuration files
+ Complete the disabling of libfast; This was partially accepted in Debian,
it is no more packaging medcli and medsrv, but still builds and
mentions it.
- d/rules: Add --disable-fast to avoid build time and dependencies
- d/control: Remove medcli, medsrv from package description
+ d/control: Mention mgf1 plugin which is in libstrongswan now
+ Add now built (since 5.5.1) libraries libtpmtss and nttfft to
libstrongswan-extra-plugins (no deps from default plugins).
+ Add rm_conffile for /etc/init.d/ipsec (transition from precies had
missed that, droppable after 18.04)
+ d/control, d/libcharon-{extras,standard}-plugins.install: Move charon
plugins for the most common use cases from extra-plugins into a new
standard-plugins package. This will allow those use cases without pulling
in too much more plugins (a bit like the tnc package). Recommend that
package from strongswan-libcharon.
+ d/control: bump breaks/replaces from libstrongswan-extra-plugins to
libstrongswan as we dropped relocating ccm and test-vectors.
(droppable >18.04).
+ d/control: add breaks/replace from libstrongswan to
libstrongswan-extra-plugins for the move of mgf1 to libstrongswan.
(droppable >18.04).
* Added Changes:
+ d/control: bump breaks/replaces from strongswan-libcharon to strongswan-
starter as we followed Debian to move the updown plugin but need to
match Ubuntu versions (Droppable >18.04).

See Also

Package Description
strongswan-libcharon_5.6.2-1ubuntu2_amd64.deb strongSwan charon library
strongswan-starter_5.6.2-1ubuntu2_amd64.deb strongSwan daemon starter and configuration file parser
strongswan-tnc-base_5.6.2-1ubuntu2_amd64.deb strongSwan Trusted Network Connect's (TNC) - base files
strongswan-tnc-client_5.6.2-1ubuntu2_amd64.deb strongSwan Trusted Network Connect's (TNC) - client files
strongswan-tnc-pdp_5.6.2-1ubuntu2_amd64.deb strongSwan plugin for Trusted Network Connect's (TNC) PDP
strongswan-tnc-server_5.6.2-1ubuntu2_amd64.deb strongSwan Trusted Network Connect's (TNC) - server files
strongswan_5.6.2-1ubuntu2_all.deb IPsec VPN solution metapackage
sudo_1.8.21p2-3ubuntu1_amd64.deb Provide limited super user privileges to specific users
swift-account_2.17.0-0ubuntu1_all.deb distributed virtual object store - account server
swift-container_2.17.0-0ubuntu1_all.deb distributed virtual object store - container server
swift-doc_2.17.0-0ubuntu1_all.deb distributed virtual object store - documentation
swift-object_2.17.0-0ubuntu1_all.deb distributed virtual object store - object server
swift-proxy_2.17.0-0ubuntu1_all.deb distributed virtual object store - proxy server
syslinux-common_6.03+dfsg1-2_all.deb collection of bootloaders (common)
syslinux-legacy_3.63+dfsg-2ubuntu9_amd64.deb Bootloader for Linux/i386 using MS-DOS floppies