套件:ocserv(0.12.2-3)
OpenConnect VPN server compatible with Cisco AnyConnect VPN
OpenConnect server (ocserv) is an SSL VPN server. Its purpose is to be a secure, small, fast and configurable VPN server. It implements the OpenConnect SSL VPN protocol, and has also (currently experimental) compatibility with clients using the AnyConnect SSL VPN protocol. The OpenConnect VPN protocol uses the standard IETF security protocols such as TLS 1.2, and Datagram TLS to provide the secure VPN service. The server is implemented primarily for the GNU/Linux platform but its code is designed to be portable to other UNIX variants as well.
Ocserv's main feature is isolation of the VPN users from the main VPN server process. Each authenticated user is assigned an unprivileged worker process, and a networking (tun) device. That not only eases the control of the resources of each user or group of users, but also prevents privilege escalation due to any bug on the VPN handling (worker) server. Each VPN user can be authenticated using password, PAM, public key (in a smart card or not) or any combination of methods.
其他與 ocserv 有關的套件
|
|
|
|
-
- dep: dbus
- simple interprocess messaging system (daemon and utilities)
-
- dep: libc6 (>= 2.28)
- GNU C 函式庫:共用函式庫
同時作為一個虛擬套件由這些套件填實: libc6-udeb
-
- dep: libev4 (>= 1:4.04)
- high-performance event loop library modelled after libevent
-
- dep: libgeoip1
- non-DNS IP-to-country resolver library
-
- dep: libgnutls30 (>= 3.6.6)
- GNU TLS library - main runtime library
-
- dep: libgssapi-krb5-2 (>= 1.14+dfsg)
- MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-
- dep: libhttp-parser2.8 (>= 2.1)
- parser for HTTP messages written in C
-
- dep: liblz4-1 (>= 0.0~r130)
- Fast LZ compression algorithm library - runtime
-
- dep: libnettle6
- low level cryptographic library (symmetric and one-way cryptos)
-
- dep: libnl-3-200 (>= 3.2.7)
- library for dealing with netlink sockets
-
- dep: libnl-route-3-200 (>= 3.2.7)
- library for dealing with netlink sockets - route interface
-
- dep: liboath0 (>= 1.8.0)
- OATH Toolkit Liboath library
-
- dep: libpam0g (>= 0.99.7.1)
- Pluggable Authentication Modules library
-
- dep: libpcl1
- Portable Coroutine Library (PCL)
-
- dep: libprotobuf-c1 (>= 1.0.1)
- Protocol Buffers C shared library (protobuf-c)
-
- dep: libradcli4
- Enhanced RADIUS client library
-
- dep: libreadline7 (>= 6.0)
- GNU readline 與 history 函式庫,執行時期函式庫
-
- dep: libseccomp2 (>= 0.0.0~20120605)
- high level interface to Linux seccomp filter
-
- dep: libsystemd0
- systemd utility library
-
- dep: libtalloc2 (>= 2.0.4~git20101213)
- hierarchical pool based memory allocator
-
- dep: libtasn1-6 (>= 4.12)
- 管理 ASN.1 結構 (執行階段)
-
- dep: libwrap0 (>= 7.6-4~)
- Wietse Venema 的 TCP 包裝函式庫
-
- dep: lsb-base
- Linux Standard Base init script functionality
-
- dep: ssl-cert
- simple debconf wrapper for OpenSSL
-
- rec: ca-certificates
- Common CA certificates
-
- rec: gnutls-bin
- GNU TLS library - commandline utilities