Virtual Private Networks
The common standard for Virtual Private Networks is IPSEC. For linux there are four implementations of IPSEC:
- FreeS/WAN has no support for smart cards, unless patched with the X.509 patch.
That patch comes with documentation how to use smart cards. FreeS/WAN project has ended, you might want to
use Openswan or strongSwan instead.
- Openswan supports OpenSC natively and must be compiled with OpenSC support.
If that is done, you can find more details in the Openswan documentation:
README.x509 has a chapter 8 about Smartcard support.
- strongSwan supports smart card authentication using PKCS#11 API. It should
work fine with opensc-pkcs11.so, please report your results. Detailed documentation is part of the
strongSwan documentation.
- Racoon does currently not support smart card authentication.
- OpenVPN does support PKCS#11 in current devel version. Successfuly
tested OpenSC with OpenVPN 2.1beta.7. They have a howto with details on it at http://openvpn.net/howto.html