软件包:ocserv(0.12.2-3)
OpenConnect VPN server compatible with Cisco AnyConnect VPN
OpenConnect server (ocserv) is an SSL VPN server. Its purpose is to be a secure, small, fast and configurable VPN server. It implements the OpenConnect SSL VPN protocol, and has also (currently experimental) compatibility with clients using the AnyConnect SSL VPN protocol. The OpenConnect VPN protocol uses the standard IETF security protocols such as TLS 1.2, and Datagram TLS to provide the secure VPN service. The server is implemented primarily for the GNU/Linux platform but its code is designed to be portable to other UNIX variants as well.
Ocserv's main feature is isolation of the VPN users from the main VPN server process. Each authenticated user is assigned an unprivileged worker process, and a networking (tun) device. That not only eases the control of the resources of each user or group of users, but also prevents privilege escalation due to any bug on the VPN handling (worker) server. Each VPN user can be authenticated using password, PAM, public key (in a smart card or not) or any combination of methods.
其他与 ocserv 有关的软件包
|
|
|
|
-
- dep: dbus
- 简单的进程间消息系统(守护程序与组件)
-
- dep: libc6 (>= 2.28)
- GNU C 语言运行库:共享库
同时作为一个虚包由这些包填实: libc6-udeb
-
- dep: libev4 (>= 1:4.04)
- high-performance event loop library modelled after libevent
-
- dep: libgeoip1
- non-DNS IP-to-country resolver library
-
- dep: libgnutls30 (>= 3.6.6)
- GNU TLS library - main runtime library
-
- dep: libgssapi-krb5-2 (>= 1.14+dfsg)
- MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-
- dep: libhttp-parser2.8 (>= 2.1)
- parser for HTTP messages written in C
-
- dep: liblz4-1 (>= 0.0~r130)
- 快速 LZ 压缩算法库 - 运行时
-
- dep: libnettle6
- low level cryptographic library (symmetric and one-way cryptos)
-
- dep: libnl-3-200 (>= 3.2.7)
- library for dealing with netlink sockets
-
- dep: libnl-route-3-200 (>= 3.2.7)
- library for dealing with netlink sockets - route interface
-
- dep: liboath0 (>= 1.8.0)
- OATH Toolkit Liboath library
-
- dep: libpam0g (>= 0.99.7.1)
- 插入式验证模块 (PAM) 库
-
- dep: libpcl1
- Portable Coroutine Library (PCL)
-
- dep: libprotobuf-c1 (>= 1.0.1)
- Protocol Buffers C shared library (protobuf-c)
-
- dep: libradcli4
- Enhanced RADIUS client library
-
- dep: libreadline7 (>= 6.0)
- GNU readline 与 history 库,运行时
-
- dep: libseccomp2 (>= 0.0.0~20120605)
- Linux seccomp 过滤器的高级接口
-
- dep: libsystemd0
- systemd 实用库
-
- dep: libtalloc2 (>= 2.0.4~git20101213)
- hierarchical pool based memory allocator
-
- dep: libtasn1-6 (>= 4.12)
- 管理 ASN.1 结构(运行库)
-
- dep: libwrap0 (>= 7.6-4~)
- Wietse Venema 的 TCP 包装库
-
- dep: lsb-base
- Linux 标准规范初始化脚本功能
-
- dep: ssl-cert
- OpenSSL 的简单 debconf 封装
-
- rec: ca-certificates
- 通用 CA 证书
-
- rec: gnutls-bin
- GNU TLS library - commandline utilities