Free securely software for linux

Sleutel is an RCP based Password Manager.
Sleutel is a password manager that is written in Java and based upon the Eclipse Rich Client Platform (RCP). Sleutel securely manages all your web site and application passwords so you dont have to.
Main features:
- Manages lists of id/passwords pairs for accessing web sites, using a master password, allowing for high strenghth web site passwords
- Passwords are stored in encrypted form.
- Runs on multiple platforms (Windows XP, Linux, MacOS and more)
- Keeps track of password entry usage to indentify entries that may be manually deleted over time.
- Can generate passwords that use user configurable character sets (uppercase, lowercase, special charaters etc)
- Ease of use: Sleutel pre-generates passwords at password entry creation, removing the need to explicitly generate one in a seperate step.
- Ease of use: Search for password entries quickly using the quick search field on the toolbar.
- Using Eclipse RCP perspectives, you can layout the UI as required and layouts are retained by Sleutel.

Fast Secure File System exports existing directories securely over the network, letting users store and retrieve encrypted data in a scalable and transparent way. FSFS is written in C and works on GNU/Linux systems on x86 and PPC architectures, with help from FUSE and OpenSSL.
File systems are easily the most evident, from the point of view of users, component of an operating system. Through file systems it is possible to organize data in a wide variety of ways, and access resources through a common interface.
Users can nowadays not only store and retrieve documents, but also find information on running processes and system settings (through ProcFS), access and manipulate e-mail (for example with GmailFS), or perform several other operations.
In several circumstances and scenarios it is desirable to protect stored files and directories from manipulation by unknown or malicious users: financial or health-related data, confidential documents, or any kind of personal or sensitive data may need to be stored securely, in such a way that it can not be examined or modified freely by third parties.
Most file systems do not take action in this sense, and external cryptographic utilities are sometimes employed to secure data before storage. While this can be a perfectly secure solution, it is not transparent to users.
Distributed file systems propose efficient ways of accessing data remotely as if it resided on the local machine; when it comes to dealing with securely stored data as in the examples above, care must be taken to preserve confidentiality and integrity also during network transfer.
Not all distributed file systems accomplish this task, weakening the overall security of the system, or do so inefficiently, making it inconvenient for users.
FSFS is a secure, distributed file system in users space, written in C with much help from FUSE and OpenSSL. It lets users store and retrieve data securely and transparently, knowing that it is protected both on permanent storage devices and while in transit over the network.
It is also concerned with scalability, therefore separates data cryptography from the server, leaving it to the clients; this approach is similar to the one used in CFS, and opposite to those taken on by other secure file system solutions (like NFS on top of IPsec).
FSFS is written as a pair of user space daemons that act as client and server. Because of this, it needs no kernel support (unlike NFS over IPsec), save the FUSE loadable kernel module on clients, included in Linux since 2.6.14; servers dont use FUSE and depend only on user space OpenSSL libraries.
Servers export an existing file system (of virtually any kind) to clients over the network through two separate channels: a TLS connection set up with OpenSSL, and a clear channel. Requests from the clients to the servers are sent via the TLS socket, thus they are encrypted and authenticated, according to TLS v1 specifications, by the channel itself and decrypted on receipt, as they are usually very short and the relevant cryptography does not constitute a great overhead; simple server replies undergo the same process.
Cryptography in this case happens at both ends of the transmission.
In a distributed file system, large amounts of data may be transferred between clients and servers, thus encrypting and decrypting everything may become too cumbersome for both parties, and as more clients are added to the system the server may severely lose performance; moreover, file data should be stored encrypted anyway, so the cryptography could be moved to the clients, in such a way that each encrypts data before a write operation sends it over the network to the server, and decrypts it after a read retrieves it.
This way servers only deal with TLS details and can concentrate on serving client requests by doing the relevant I/O on the underlying, "physical" file system. As the data is already encrypted, it does not need to go through the TLS channel and the corresponding overhead, but can be sent via the clear channel, provided the messages are authenticated.
Enhancements:
- This release fixes two bugs. One bug related to socket creation and would cause problems on some systems (namely OpenSUSE 10.2). The other bug related to server configuration creation when using the Python configuration utilities. Users dont need to upgrade to this release if theyre not experiencing problems or are not using the Python configuration utilities.

KcmPureftpd is an KDE KControl module for configuring pure-ftpd FTP server. The goal is to have medium users to configure their server securely and conveniently, without the burden of knowing tons of command line switches.

KcmPureftpd consist from two KControl modules:

* Script Generator - Its intended for system administrators which need to make or modify startup scripts for various administered servers. Of course, it work very well for your own little Linux/UNIX machine.
* Statistics - This module allow you to track statistics from pure-ftpd. You can see real time information about FTP connection on your FTP server as well you may follow information written to syslog by the server.

BarracudaDrive project is a multi-user secure web based file manager with no need for FTP access.
With BarracudaDrive, you can securely upload, download, and manage your files on your home computer from anywhere in the world. BarracudaDrive also bypasses firewalls and proxies since the communication protocol is HTTPS. The communication is protected by using SSL so no one can eavesdrop on your file transfer.
For example, if you have a high speed internet connection at home, you can use the BarracudaDrive web file manager to securely copy files to and from your home computer from any remote computer that has internet access. Remotely operating the BarracudaDrive web file manager is easier if you have a static IP address, or you use a service such as No-IP. BarracudaDrive comes with an integrated 1024-bits SSL certificate.
Usage:
BarracudaDrive attempts to open a server socket on port 80 and 443. If the ports cannot be opened, BarracudaDrive attempts to open ports in the ranges 8080 to 8100 and 8443 to 8500. You must make sure the executable has permission to open the default ports 80 and 443, or setup your router to redirect port 80 to 8080 and port 443 to port 8443.
BarracudaDrive requires that the executable has read and write permission in the directory where you started BarracudaDrive. This directory is not necessarily the same as the directory you installed the executable. BarracudaDrive maintains the user and constraint database by reading from and writing to two XML files.
Enhancements:
- This release has been redesigned.

SSL-Explorer project is the worlds first open-source SSL VPN solution of its kind. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser.
SSL-based VPNs have become a hot topic in recent years. The benefits to productivity and the low maintenance overhead that comes with browser-based VPN solutions are something that cannot be overlooked by most businesses, though implementation costs can often be prohibitive.
In contrast to a conventional IPsec-based solution, no client side code needs to be installed on your end users systems. SSL VPNs rely on Javatm based technology and hence require only a standard web browser to operate.
Standard network protocols can be tunnelled through the SSL connection, meaning that email and intranet web/file resources are easily and securely accessible from outside the corporate network.
The use of SSL is highly beneficial in these circumstances since most firewall policies grant access to SSL traffic by default, meaning that no additional configuration is required. Our solution is not a firewall, but it effectively allows you to lock-down your network, leaving just a single port open on your firewall.
Enhancements:
Core
- Restart message is not prominent when a parameter is changed which requires a restart.
- A newly created resource should be seen instantly to logged in users without users having to log out and back in again.
- Name search does not escape invalid XML characters from the username.
- Name search is unable to find users with a space in the name.
- HTTP header injection exploit.
- Policies not listed in resource info tooltip.
- No Restart notification displayed when a valid license is installed after an invalid license upload fails.
- The SingleConnection tunnel command when creating extensions does not work with the false flag.
- Page table should provide each page in blocks of 10 items.
- Some system properties dissapear if an extension fails to upload.
- Sessions are not cleaned up after user disconnects.
- Group page GUI refactored.
- Status page GUI refactored.
- License manager page GUI refactored.
- Replacements option moved under web forwards.
- Replacement variables do not contain session:username and password in agent server proxy tab.
- Weak ciphers have been disabled for default configurations.
- Extension store fails to download plug-in dependencies.
- Access right page has strange 5000 resource type exists.
- Policy selection page contains redundant up and down button functionality.
- Creating a user then cancelling during password assignment.
- Creating applications with integer parameters are unable to use user attributes.
- Remote tunnels do not show in tunnel monitor.
- SSL-Tunnel source interface has no validation.
- Pressing cancel in profiles page when the session has timed out causes an exception if you try to press cancel again.
- Profiles page refactored.
- Checking a checkox in global profiles is unchecked after you change tabs.
- If you have a User and a Group with the same name, these cant both be assigned to a policy.
- Assigning a user which doesnt exist to a policy throws an exception.
- User cannot create an attribute even though they have been given the access rights to do so.
- Description is not a required field when creating an attribute.
- Filter does not work in attributes.
- Attributes page GUI refactored.
- Extension page GUI refactored.
- If a disabled extension has an update available the info page shows an exception.
- Password authentication scheme should be the only authentication scheme whenever prompted for re-authentication.
- Authentication scheme page GUI refactored.
- An authentication scheme should be allowed to be primary if a secondary scheme also exists.
- Redirection when canceling out of selecting an authentication scheme at logon is incorrect.
Installer
- Stepping back through the installer and changing the certificate type causes unusual behaviour during installation.
- Installation of extensions step in installer is irrelevant.
- Insallation progress bar added.
- Selecting All interfaces in the web server configuration step causes the service to fail.
Internationalization
- Selecting default language or disabling user selecting language do not work.

PPTP stands for Point to Point Tunneling Protocol. It was developed by a consortium including Microsoft and is used for establishing VPN (Virtual Private Network) tunnels across the Internet. This allows remote users to securely and inexpensively access their corporate network from anywhere on the Internet.
PPTP is built on a client-server model for establishing VPN connections. Most Microsoft operating systems ship with a PPTP client, so there is no need to purchase third-party client software. PPTP has the additional advantage over other VPN technologies of being easy to setup.
Before Poptop, no solution existed if you wish to connect PPTP clients to Linux servers. Using Poptop, Linux servers can now function seamlessly in a PPTP VPN environment. This enables administrators to leverage the considerable benefits of both Microsoft and Linux operating systems.
The current release version supports Windows 95/98/Me/NT/2000/XP PPTP clients and Linux PPTP clients.
Poptop is free software, licensed under the terms of the GNU GPL.
Main features:
- Microsoft compatible authentication and encryption (MSCHAPv2, MPPE 40 - 128 bit RC4 encryption)
- Support for multiple client connections
- Seamless integration into a Microsoft network environment (LDAP, SAMBA) using RADIUS plugin
- Works with Windows 95/98/Me/NT/2000/XP PPTP clients
- Works with Linux PPTP client
- Poptop is, and will remain, totally free under the GNU General Public License

bibEC Process Card is a multiple gateway credit card payment processor.
This class is meant to process credit card payments via one of multiple payment gateways that are supported.
Currently the class supports the following payment gateways: Plug and Pay, Authorize.net, ViaKlix, and paynet . Changing between payment gateways is mostly a matter of changing the class constructor parameter.
The class provides a payment gateway independent API with functions for:
- Logging the payment activity
- Set the payment gateway authentication credentials
- Set the paying customer details
- Set the ship to details
- Set the credit card details
- Set the valuta
- Specify the order details
- Submit the payment processing request and retrieving the results
The payment submission is done securely when possible using PHP SSL socket connections or the Curl extension for PHP or the Curl command line.

Download Sentinel++ is an Anti-leech, download limiter / file manager, that uses tokens to verify downloads instead of HTTP_REFERER or IP which can be spoofed or changed.
The install is as painless as possible with only one file to upload and execute. The install automatically creates the sub-directories and files, all you need to do is follow the on-screen instructions for permissions.
Security has been the focus throughout development, even the install program is built on the latest recomendations for security. Logging is done with text files and can have errors and alerts sent via email or stored in a txt file.
Downloads can be limited to a certain transfer size per time frame, which can be further broken down into smaller intervals, all with only a couple settings. This helps spread out the limitation to different timezone and prevents all available bandwidth being used in a short period
Main features:
- Completely free (free as in speech);
- Multiple language capability (all text is in config file, no hardcoded messages);
- Download counter file;
- xhtml/css compliant message output, fully customizable;
- Install script for easy setup;
- All user supplied input securely handled;
- Uses tokens to validate download requests. A superior method than .htaccess or http_referer which can be spoofed or limit users with firewalls;
- Tokens are good for a day by default, but can be set to expire at any time in 1 minute increments;
- A log is kept of invalid token attempts and information on tracking down the source;
- All errors and warnings can be written to a log file or sent to an email address;
- Supports unlimited directory structure of downloadable files (no need to specify where a file is located);
- Option to turn off bandwidth protection;
- Option to turn off any error/log report;
- Robust error handling;
- Ability to specify the total amount of transfer (bandwidth) allowed, over the total amount of time;
- Ability to specify interval lengths for download cut-off so all the allowed bandwidth does not go to one time zone / day /hour;
- Ability to put in a ratio of download clicks to actual bandwidth used;
- Log of all download details kept;
- Download log can be auto-archived;
- Ability to specify the download log size before archive;
- Ability to specify the download archive size before deleting;
- Ability to have a warning issued (email or log file) about the archive file reaching its maximum;
- Download count can be tracked in a Mysql database;
- Flood control on user clicks. Ability to set the number of times a user can click on a link in a given interval;
- Ability to allow specific offsite downloads via tokens;
- Pre-made example download page that is xhtml/css compliant;
- Pre-made file manager that displays all files, directories, sizes, downloads, dates, authors and descriptions for each file
- Ability to deny link sharing between browsers.
- Alternative install locations for secure files
- Logs automatically rotated, no on-going maintenance
- Ability to have multiple files with the same name
- Turn-Key install operation. Ready to begin secure downloads in 5 minutes or less;