This section is in preparation. See the section
Release Notes for a planned roadmap.
I will just give you the necessary links to find other documentation
on the following packages:
- CIPE (Cryptographic IP Encapsulation) by Olaf Titz (
Olaf.Titz@inka.de) ships with
the International Kernel Patch (see section
Obtaining and Installing the International Kernel Patch)---at
least the kernel modules. The userspace tools needed are available
http: //sites.inka.de/~bigred/devel/cipe.html. Latest version
is 1.3.0 (Apr 1999). There is also a mailing list dedicated to
CIPE. You can subscribe to it by sending a message with the single
line subscribe cipe-l in its body to
- FreeS/WAN (IPSec implementation) is available at
version is 1.1 (Oct 1999), which is reported to work well with 2.2
kernels (1.0 does not).
FreeS/WAN is a Linux based implementation of the IETF IPSec
standard. If you want to know all there is to know about IPSec, see
the RFC's concerned with it, esp. the famous RFC's 2401: Security
Architecture for the Internet Protocol thru 2412: The OAKLEY
Key Determination Protocol. Note, however, that these documents
add up to 20,000 lines of pure text or 800K.
This package is very complex indeed, but as it is based on an IETF
standard, it inter-operates with many other (commercial) VPN products,
including PGPnet. This makes it the single obvious choice for admins
that need extensive cross-platform capabilities.
There is a very active mailing list you can subscribe to, if you send
a message with the single line subscribe linux-ipsec in the
body of the message to
- ENSkip is an implementation of Sun's SKIP protocol. Its
advantages over other approaches include a long history, which implies
a relative stableness, and good cross-platform capabilities (at least
within the Unices department). You can find its homepage at
- VPND is another approach out there for Linux (and FreeBSD). You
can fetch additional information from its homepage at
http://sunsite.auc.dk/vpnd/. There is also a mailing list,
which you can subscribe to if you send an empty message to
email@example.com and follow the directions given
in the reply.
- SSH (Secure Shell) can also be employed to establish an
encrypted tunnel between two hosts. There is a VPN mini-HOWTO already
covering the setup, but it is rather dated (Aug 1997).