How To Install libstrongswan on Ubuntu 20.04

In this tutorial we learn how to install libstrongswan on Ubuntu 20.04. libstrongswan is strongSwan utility and crypto library strongSwan utility and crypto library

Introduction

In this tutorial we learn how to install libstrongswan on Ubuntu 20.04.

What is libstrongswan

libstrongswan is:

The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols.

This package provides the underlying libraries of charon and other strongSwan components. It is built in a modular way and is extendable through various plugins.

Some default (as specified by the strongSwan projet) plugins are included. For libstrongswan (cryptographic backends, URI fetchers and database layers):

  • aes (AES-128/192/256 cipher software implementation)
  • constraints (X.509 certificate advanced constraint checking)
  • dnskey (Parse RFC 4034 public keys)
  • drbg (NIST SP-800-90A Deterministic Random Bit Generator)
  • fips-prf (PRF specified by FIPS, used by EAP-SIM/AKA algorithms)
  • gmp (RSA/DH crypto backend based on libgmp)
  • hmac (HMAC wrapper using various hashers)
  • md5 (MD5 hasher software implementation)
  • mgf1 (Mask Generation Functions based on the SHA-1, SHA-256 and SHA-512)
  • nonce (Default nonce generation plugin)
  • pem (PEM encoding/decoding routines)
  • pgp (PGP encoding/decoding routines)
  • pkcs1 (PKCS#1 encoding/decoding routines)
  • pkcs8 (PKCS#8 decoding routines)
  • pkcs12 (PKCS#12 decoding routines)
  • pubkey (Wrapper to handle raw public keys as trusted certificates)
  • random (RNG reading from /dev/[u]random)
  • rc2 (RC2 cipher software implementation)
  • revocation (X.509 CRL/OCSP revocation checking)
  • sha1 (SHA1 hasher software implementation)
  • sha2 (SHA256/SHA384/SHA512 hasher software implementation)
  • sshkey (SSH key decoding routines)
  • x509 (Advanced X.509 plugin for parsing/generating X.509 certificates/CRLs and OCSP messages)
  • xcbc (XCBC wrapper using various ciphers)
  • attr (Provides IKE attributes configured in strongswan.conf)
  • kernel-netlink [linux] (IPsec/Networking kernel interface using Linux Netlink)
  • kernel-pfkey [kfreebsd] (IPsec kernel interface using PF_KEY)
  • kernel-pfroute [kfreebsd] (Networking kernel interface using PF_ROUTE)
  • resolve (Writes name servers received via IKE to a resolv.conf file or installs them via resolvconf(8))

Package: libstrongswan Architecture: amd64 Version: 5.8.2-1ubuntu3 Priority: optional Section: net Source: strongswan Origin: Ubuntu Maintainer: Ubuntu Developers [email protected] Original-Maintainer: strongSwan Maintainers [email protected] Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 1446 Depends: libc6 (>= 2.30), libcap2 (>= 1:2.10), libgmp10, libsystemd0 (>= 227) Recommends: libstrongswan-standard-plugins Suggests: libstrongswan-extra-plugins Filename: pool/main/s/strongswan/libstrongswan_5.8.2-1ubuntu3_amd64.deb Size: 356256 MD5sum: adaaa3ec6c32fb18d8e87bde7325ce0b SHA1: 8cade3692a7c1492151a5a5c4cb514aed3e02c95 SHA256: 69eb740e0a8dd7f168ff0c5c380d3963f190bc497f17bdb81641f4b7b3e30d2e Homepage: http://www.strongswan.org Description-en: strongSwan utility and crypto library The strongSwan VPN suite uses the native IPsec stack in the standard Linux kernel. It supports both the IKEv1 and IKEv2 protocols.

This package provides the underlying libraries of charon and other strongSwan components. It is built in a modular way and is extendable through various plugins.

Some default (as specified by the strongSwan projet) plugins are included. For libstrongswan (cryptographic backends, URI fetchers and database layers):

  • aes (AES-128/192/256 cipher software implementation)
  • constraints (X.509 certificate advanced constraint checking)
  • dnskey (Parse RFC 4034 public keys)
  • drbg (NIST SP-800-90A Deterministic Random Bit Generator)
  • fips-prf (PRF specified by FIPS, used by EAP-SIM/AKA algorithms)
  • gmp (RSA/DH crypto backend based on libgmp)
  • hmac (HMAC wrapper using various hashers)
  • md5 (MD5 hasher software implementation)
  • mgf1 (Mask Generation Functions based on the SHA-1, SHA-256 and SHA-512)
  • nonce (Default nonce generation plugin)
  • pem (PEM encoding/decoding routines)
  • pgp (PGP encoding/decoding routines)
  • pkcs1 (PKCS#1 encoding/decoding routines)
  • pkcs8 (PKCS#8 decoding routines)
  • pkcs12 (PKCS#12 decoding routines)
  • pubkey (Wrapper to handle raw public keys as trusted certificates)
  • random (RNG reading from /dev/[u]random)
  • rc2 (RC2 cipher software implementation)
  • revocation (X.509 CRL/OCSP revocation checking)
  • sha1 (SHA1 hasher software implementation)
  • sha2 (SHA256/SHA384/SHA512 hasher software implementation)
  • sshkey (SSH key decoding routines)
  • x509 (Advanced X.509 plugin for parsing/generating X.509 certificates/CRLs and OCSP messages)
  • xcbc (XCBC wrapper using various ciphers)
  • attr (Provides IKE attributes configured in strongswan.conf)
  • kernel-netlink [linux] (IPsec/Networking kernel interface using Linux Netlink)
  • kernel-pfkey [kfreebsd] (IPsec kernel interface using PF_KEY)
  • kernel-pfroute [kfreebsd] (Networking kernel interface using PF_ROUTE)
  • resolve (Writes name servers received via IKE to a resolv.conf file or installs them via resolvconf(8))

There are three methods to install libstrongswan on Ubuntu 20.04. We can use apt-get, apt and aptitude. In the following sections we will describe each method. You can choose one of them.

Install libstrongswan Using apt-get

Update apt database with apt-get using the following command.

sudo apt-get update

After updating apt database, We can install libstrongswan using apt-get by running the following command:

sudo apt-get -y install libstrongswan

Install libstrongswan Using apt

Update apt database with apt using the following command.

sudo apt update

After updating apt database, We can install libstrongswan using apt by running the following command:

sudo apt -y install libstrongswan

Install libstrongswan Using aptitude

If you want to follow this method, you might need to install aptitude first since aptitude is usually not installed by default on Ubuntu. Update apt database with aptitude using the following command.

sudo aptitude update

After updating apt database, We can install libstrongswan using aptitude by running the following command:

sudo aptitude -y install libstrongswan

How To Uninstall libstrongswan on Ubuntu 20.04

To uninstall only the libstrongswan package we can use the following command:

sudo apt-get remove libstrongswan

Uninstall libstrongswan And Its Dependencies

To uninstall libstrongswan and its dependencies that are no longer needed by Ubuntu 20.04, we can use the command below:

sudo apt-get -y autoremove libstrongswan

Remove libstrongswan Configurations and Data

To remove libstrongswan configuration and data from Ubuntu 20.04 we can use the following command:

sudo apt-get -y purge libstrongswan

Remove libstrongswan configuration, data, and all of its dependencies

We can use the following command to remove libstrongswan configurations, data and all of its dependencies, we can use the following command:

sudo apt-get -y autoremove --purge libstrongswan

References

Summary

In this tutorial we learn how to install libstrongswan package on Ubuntu 20.04 using different package management tools: apt, apt-get and aptitude.