Free ssl vpn software for linux

SSL++ is simple C++ library that encapsulates some of OpenSSL functionality in easy to use set of classes.
SSL++ library is in very early stage of development now, but can do enough already to be useful to C++ developers, who want to use SSL in their programs.
Following classes are provided:
- CSSLObject
- CSSLConnection
- CSSLServer
CSSLConnection class represents SSL-enabled connection between two machines.
It could be used on both server and client side. If used as server, it will allow you to accept exactly one connection. Kind of P2P.
CSSLServer class represents SSL-enables network server. On creation server binds to the socket, and listens for incomming connections. To receive next connection call nextClient() function. It will block untill connection is received and SSL handshake is performed. It returns pointer to ready for I/O CSSLConnection object. This object must be explicitly deleted, once you no longer need it.
CSSLObject class is base class for all SSL++ objects. It is responsible for library initialisation, and some common functions. If you are not hacking SSL++, you dont need it.
See client.cpp and server.cpp for examples of use.

SCMS project is a secure content management system. Some of its features are a role-based object-oriented design, conformance to XHTML 1.0 Transitional, strict I/O (input/output) validation, a custom session implementation, support for SSL and cookies (when run over SSL), session identifier regeneration, idle session expiration, account locking, account unlocking methods, encryption (with MD5, AES, SHA1, SHA256, SHA512, or WHIRLPOOL), and event logging.
Enhancements:
- The new permission system in users.php was implemented.
- The SCMS DB creation SQL was rewritten to include referential integrity for updates and deletes.

Amrita VPN is an easy-to-use open source VPN solution that runs on the GNU/Linux platform. The implementation is fully in userspace and requires no kernel patches or enhancements. It uses openssl library for strong encryption and authentication through SSLv3.
Amrita VPN IS used to connect two private networks through a public network such as the Internet. It requires only one end to have a direct Internet connection preferably with a permanent public IP address. The other end could be connected to the Internet via a masquerading router.
tar xvfz amvpn-0.99.tar.gz
- cd amvpn-0.99
- ./configure
- make
- make install
Root privilege is required to install and run AmritaVPN. You would need a root login shell to succesfully run make install. If youre logged in as root, then of course you already have a root login shell.Otherwise you must do: su - instead of simply su at command prompt.
Enhancements:
- Added keepalive message option.
- Added basic flow control logic in the relay loop - Prevents amvpn from becoming CPU-bound when theres a break/congestion in the outbound link.

SSL Proxy server listens on a TCP port, accepts SSL connections, and forwards them to another local or remote TCP port.
For example, it is possible to create an HTTPS server if you have an HTTP server and you run an SSL Proxy server on port 443 which forwards the connections to port 80.
SSL Proxys design makes it as secure as possible and still perform well.
Enhancements:
- Improved certificate handling (chained certificates are now supported), more error information on SSL protocol errors during SSL_accept(), -U and -D options (buffer size), and a "powered by" logo.

KVpnc is a KDE frontend for various vpn clients. KVpnc project supports Cisco VPN (vpnc) and IPSec (FreeS/WAN, racoon).
vpnc is a replacement for the cisco VPN client and its used as client for the cisco3000 VPN Concentrator, FreeS/WAN (OpenS/WAN) is a IPSec client for Linux 2.4.x and racoon is a IPSec client for Linux 2.6.x and *BSD. It supports also PPTP (pptpclient) and OpenVPN.
You need vpnc >= 0.2-rm+zomb-pre9.
Note: translators still welcome. Kvpnc is currently translated to Bulgarian, Chinese, Dutch, German, Hungary, Italian, French, Portuguese Brazilian, Polish, Slovak and Spanish.
Main features:
- Easy to use KDE gui
- Docking in kicker
- Localized GUI:
Bulgarian
Chinese
Dutch
French
German
Hungarian
Italian
Slovak
Polish
Portuguese Brazilian
Spanish
- VPN connection to Cisco concentrator
- VPN connection to VPN servers by using IPsec
- FreeS/WAN (Linux 2.4.x) support
- racoon (Linux 2.6.x/BSD) support
- PPTP support (pptpclient)
- OpenVPN support
- Multiple profiles
- Preshared secret support
- X509 certificate support
- Cisco PCF file import
- PKCS12 certificate import
- Ping test
- Automaticlly setting of routes and firewall rules (iptables) (currently: freeswan/racoon)
- Automaticlly network device detection (can be overridden)
- Log file writing
- DCOP interface
- user notification for sucessful connect/disconnect
- NAT-T support (racoon/OpenVPN/vpnc)

ssl-cert-check is a Bourne shell script that checks the expiration status of digital certificates on SSL servers.
It supports both interactive and batch modes and easily integrates with cron. It provides custom expiration thresholds and can be configured to send email if a certificate is close to expiring.
Enhancements:
- This release contains a new "-i" option to print the certificate issuer.
- The requirement to use GNU date has been removed (the program now uses a built-in Julian date routine).
- The documentation has also been significantly updated to include numerous useful examples.

SSL-Explorer project is the worlds first open-source SSL VPN solution of its kind. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser.
SSL-based VPNs have become a hot topic in recent years. The benefits to productivity and the low maintenance overhead that comes with browser-based VPN solutions are something that cannot be overlooked by most businesses, though implementation costs can often be prohibitive.
In contrast to a conventional IPsec-based solution, no client side code needs to be installed on your end users systems. SSL VPNs rely on Javatm based technology and hence require only a standard web browser to operate.
Standard network protocols can be tunnelled through the SSL connection, meaning that email and intranet web/file resources are easily and securely accessible from outside the corporate network.
The use of SSL is highly beneficial in these circumstances since most firewall policies grant access to SSL traffic by default, meaning that no additional configuration is required. Our solution is not a firewall, but it effectively allows you to lock-down your network, leaving just a single port open on your firewall.
Enhancements:
Core
- Restart message is not prominent when a parameter is changed which requires a restart.
- A newly created resource should be seen instantly to logged in users without users having to log out and back in again.
- Name search does not escape invalid XML characters from the username.
- Name search is unable to find users with a space in the name.
- HTTP header injection exploit.
- Policies not listed in resource info tooltip.
- No Restart notification displayed when a valid license is installed after an invalid license upload fails.
- The SingleConnection tunnel command when creating extensions does not work with the false flag.
- Page table should provide each page in blocks of 10 items.
- Some system properties dissapear if an extension fails to upload.
- Sessions are not cleaned up after user disconnects.
- Group page GUI refactored.
- Status page GUI refactored.
- License manager page GUI refactored.
- Replacements option moved under web forwards.
- Replacement variables do not contain session:username and password in agent server proxy tab.
- Weak ciphers have been disabled for default configurations.
- Extension store fails to download plug-in dependencies.
- Access right page has strange 5000 resource type exists.
- Policy selection page contains redundant up and down button functionality.
- Creating a user then cancelling during password assignment.
- Creating applications with integer parameters are unable to use user attributes.
- Remote tunnels do not show in tunnel monitor.
- SSL-Tunnel source interface has no validation.
- Pressing cancel in profiles page when the session has timed out causes an exception if you try to press cancel again.
- Profiles page refactored.
- Checking a checkox in global profiles is unchecked after you change tabs.
- If you have a User and a Group with the same name, these cant both be assigned to a policy.
- Assigning a user which doesnt exist to a policy throws an exception.
- User cannot create an attribute even though they have been given the access rights to do so.
- Description is not a required field when creating an attribute.
- Filter does not work in attributes.
- Attributes page GUI refactored.
- Extension page GUI refactored.
- If a disabled extension has an update available the info page shows an exception.
- Password authentication scheme should be the only authentication scheme whenever prompted for re-authentication.
- Authentication scheme page GUI refactored.
- An authentication scheme should be allowed to be primary if a secondary scheme also exists.
- Redirection when canceling out of selecting an authentication scheme at logon is incorrect.
Installer
- Stepping back through the installer and changing the certificate type causes unusual behaviour during installation.
- Installation of extensions step in installer is irrelevant.
- Insallation progress bar added.
- Selecting All interfaces in the web server configuration step causes the service to fail.
Internationalization
- Selecting default language or disabling user selecting language do not work.