The International Kernel Patch is the primary souce for encryption support for the Linux kernel. Due to export restrictions in some countries that prohibit the free flow and exchange of software that contains strong cryptography, it is not possible to include crypto support in the main kernel source tree (i.e. Linus' one).
Therefore, you should not consider the packages contained therein unstable or even unusable only because they are not contained in the main kernel. Most of this stuff is actually quite stable and I partly wrote this HOWTO to broaden the base of installed international kernels, so that code development can go on faster.
The International Kernel Patches are maintained by
Alexander Kjeldaas and can be
obtained from
ftp://ftp.kerneli.org/pub/linux/kerneli/v2.2/. The files to
download are named patch-int-a.b.c.d.gz, where a.b.c
is the kernel version and d is the patch level of the
International Kernel Patch for that particular kernel version.
I strongly recommend to get at least the 2.2.10.4 version of the patch, as it fixes a problem with moving around files that are used as loopback devices, see FAQ section. As of this writing (Jan 2000) 2.2.13.3 is the latest version. It includes a helper shell script to cleanly integrate FreeS/WAN 1.1 with it and should apply without rejects to all 2.2.1x kernels.
The international kernel is distributed in the form of patches. If you are not familiar with this distribution form, you should consult the Kernel HOWTO for how to apply patches to the kernel source. For the purpose of this document it suffices if you issue the following commands as root:
root# cd /usr/src/linux root# cp .config .. # this is a trick I use root# make mrproper # to avoid the changing of root# mv ../.config . # the .config file by mrproper root# zcat ~/patch-int-a.b.c.d.gz | patch -p1assuming that you downloaded the patch to root's home directory. The patch should apply without rejects.