ike - The Shrew Soft VPN Client

Distribution: openSUSE 13.2
Repository: openSUSE Security all
Package name: ike
Package version: 2.2.1
Package release: 3.1
Package architecture: i586
Package type: rpm
Installed size: 1.12 MB
Download size: 333.95 KB
Official Mirror: ftp.gwdg.de
The Shrew Soft VPN Client for Unix is a free IPsec Client for FreeBSD, NetBSD and Linux based operating systems. It was originally developed to provide secure communications between mobile Windows hosts and open source VPN gateways that utilize standards compliant software such as ipsec-tools, OpenSWAN, FreeSWAN, StrongSWAN, isakmpd. It now offers many of the advanced features only found in expensive commercial software solutions and provides compatibility for VPN appliances produced by vendors such as Cisco, Juniper, Checkpoint, Fortinet, Netgear, Linksys, Zywall and many others. It supports most of the features availalble in the Windows VPN Client version with the exception of those which are not cross platform compatible.



  • config(ike) = 2.2.1-3.1
  • ike = 2.2.1-3.1
  • ike(x86-32) = 2.2.1-3.1
  • libss_idb.so.2.2.1
  • libss_ike.so.2.2.1
  • libss_ip.so.2.2.1
  • libss_ith.so.2.2.1
  • libss_log.so.2.2.1
  • libss_pfk.so.2.2.1


    Binary package: ike-2.2.1-3.1.i586.rpm
    Source package: ike-2.2.1-3.1.src.rpm

    Install Howto

    1. Add the openSUSE Security repository:
      # zypper addrepo http://ftp.gwdg.de/pub/opensuse/repositories/security/openSUSE_13.2/ opensuse-security
    2. Install ike rpm package:
      # zypper install ike


    • /etc/iked.conf
    • /usr/bin/ikec
    • /usr/bin/qikea
    • /usr/bin/qikec
    • /usr/lib/libss_idb.so
    • /usr/lib/libss_idb.so.2.2.1
    • /usr/lib/libss_ike.so
    • /usr/lib/libss_ike.so.2.2.1
    • /usr/lib/libss_ip.so
    • /usr/lib/libss_ip.so.2.2.1
    • /usr/lib/libss_ith.so
    • /usr/lib/libss_ith.so.2.2.1
    • /usr/lib/libss_log.so
    • /usr/lib/libss_log.so.2.2.1
    • /usr/lib/libss_pfk.so
    • /usr/lib/libss_pfk.so.2.2.1
    • /usr/lib/systemd/system/iked.service
    • /usr/sbin/iked
    • /usr/sbin/rciked
    • /usr/share/doc/packages/ike/LICENSE.TXT
    • /usr/share/doc/packages/ike/README.TXT
    • /usr/share/doc/packages/ike/iked.conf.sample
    • /usr/share/man/man1/ikec.1.gz
    • /usr/share/man/man1/qikea.1.gz
    • /usr/share/man/man1/qikec.1.gz
    • /usr/share/man/man5/iked.conf.5.gz
    • /usr/share/man/man8/iked.8.gz


    2016-08-10 - chris@computersalat.de - fix cmake call (PREFIX -> CMAKE_INSTALL_PREFIX) * remove obsolete ike-cmake.patch - format spec - fix License (Sleepycat) - add systemd support * iked.service - do not replace config * config(noreplace)

    2014-06-19 - stefan.bruens@rwth-aachen.de - fix for bnc#883421 * fix bad dirent access after closedir, qikea fails to list the existing connections * add fix_dirent_access_after_closedir.patch

    2014-01-21 - chris@computersalat.de - update to 2.2.1 * Modify the open source license to reflect the current year. * Modify iked to perform a WIN32 only DNS proxy check routine. * Fix an issue with iked on Linux/BSD that caused the program to exit prematurely if a pid file was not specified on the command line. - removed obsolete patches: * ike-iked.patch

    2013-05-04 - chris@computersalat.de - update to 2.2.0 * several Bug Fixes and improvements * Qt4 interface * for more info please see https://www.shrew.net/download/changelog/ike/2.2.0-release - rebase cmake patch, remove version string - add iked patch (iked services does not remain running) - fix buildarch for doc pkg -> noarch - use source url

    2012-09-12 - chris@computersalat.de - add init script

    2010-11-01 - chris@computersalat.de - update to 2.1.7 o Correct an issue with the VPN Access Manager related to pcf import. When a non encrypted password is present, don't try to hex-decode it. Just import it as plain text. o Make sure we don't try to set the initial flag to true on a non-ipsec policy. Wait for the first ipsec policy instead. Thanks to Michael Kenny for diagnosing this issue and submitting the patch. o Correct an issue in ikea with the dialog updates after loading the phase1 and phase2 options. Make sure we call the update functions at the end of the load process. o Modify the location of dialog update helper routine calls in the site configuration load member function. The must be called in the correct order or problems will occur. Thanks to Michael Kenney for reporting this issue. o Correct a bug in the ikec program that caused an invalid filename to be displayed when prompting the user for a password. Thanks to Michael Kenny for submitting this patch. o Modify iked to only create a NONE policy for the next-hop address when the vpn gateway is not on a network locally attached to the client. This caused communication failures as the route was being installed as -> next-hop which is obviously incorrect. o Fix a bug with the shared policy level support. When a IPsec SA expires, the peer may attempt to initiate a new phase2 negotation as a replacement. This will cause negotiation to fail as the source ID will always be which won't match a policy. Correct this by only matching policies the destination ID since the source ID will always be generic.

    2010-10-01 - chris@computersalat.de - initial package 2.1.6