[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] etoken on linux


  • Subject: Re: [Openvpn-users] etoken on linux
  • From: jamona perez <jamon_perez@xxxxxxxxxxx>
  • Date: Thu, 4 Oct 2007 15:33:45 +0200
  • Importance: Normal

oh, and by the way, do you know their pkcs11-xxx
settings, because settings such as
pkcs11-sign-mode and pkcs11-cert-private
are not that-well straightforward when looking at the man page
 
thanks again





> Date: Wed, 3 Oct 2007 10:59:01 +0200
> From: alon.barlev@xxxxxxxxx
> To: jamon_perez@xxxxxxxxxxx
> Subject: Re: [Openvpn-users] etoken on linux
> CC: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
>
> I know people are working with it.
> Please run openvpn under gdb and see if it gives some information.
> If it does, please execute "bt" and "thread apply all bt" and paste the output.
>
> Alon.
>
> On 10/3/07, jamona perez <jamon_perez@xxxxxxxxxxx> wrote:
> >
> > Hi,
> >
> > that's what I did.
> > I've installed following the instructions from the PDF
> > "etoken PKI Client 3.65 for linux" :
> > - installed pcsc-lite 1.2.0 (as specified in the doc), from the sources,
> > did go fine
> > - installed etoken-3-65.3-linux-redhat with the "petoken install 1"
> > command,
> > that also gave no error, after I'd fooled the installer into believing my
> > CentOS 4.4
> > was in fact a redhat Enterprise 4 (which I believe it is)
> > then :
> > - installed lzo and lzo-devel rpms taken from Dag Wiers rpm repo (v
> > 1.08-4.2.el4.i386)
> > - built openvpn-2.1_rc4 with rpmbuild -tb openvpn-2.1_rc4.tar.gz
> > - installed the rpm
> >
> > so my question remains. Is the build incorrect ?
> > should I upgrade pcsc-lite to 1.4.4 ?
> > does anyone has experienced that this particular library (libetpkcs11.so)
> > works with openvpn ?
> >
> > the provided utilities etckdump and etckinit work all right, and remember
> > that
> > openvpn --list-pkcs11-objects /usr/local/lib/libetpkcs11.so 0
> > prompts me correctly for a PIN a returns the objects fine
> >
> > thanks
> >
> >
> > ________________________________
> >
> > > Date: Tue, 2 Oct 2007 20:55:26 +0300
> > > From: alon.barlev@xxxxxxxxx
> > > To: jamon_perez@xxxxxxxxxxx
> > > Subject: Re: [Openvpn-users] etoken on linux
> >
> > >
> > > You should install the etoken drivers correctly on Linux.
> > > Don't copy anything from other system.
> > >
> > > On 10/2/07, jamona perez <jamon_perez@xxxxxxxxxxx> wrote:
> > > >
> > > > I've installed openvpn on a linux server (RHEL 4) and several windows
> > > > clients, using cryptoapi to use with etokens pro.
> > > > It took me a few hours where I did struggle for several days with
> > openswan.
> > > > OpenVPN rocks ;-)
> > > > Now to the point, I have some "Linux clients", so I've installed the
> > > > libetpkcs11.so library from the Aladdin PKI client on a test PC running
> > > > CentOS 4.4
> > > > when openvpn starts, it segfaults just after "VERIFY OK: depth=0,
> > > > /C=xxxxxxxx" (verose 3) and "SSLv3 write client key exchange A" (verbose
> > 9).
> > > > Is it a problem with my openvpn build ?
> > > > Does anyone had experience that such a setup had worked
> > > > (libetpkcs11.so+openvpn) ?
> > > > the pity is that
> > > > openvpn --show-pkcs11-objects /usr/local/lib/libetpkcs11.so 0
> > > > correctly prompts me for the PIN and shows me what is on the token...
> > > >
> > > > thanks in advance for your help
> > > >
> > > >
> > > > ________________________________
> > > > Avec Windows Live Spaces, publiez directement des messages électroniques
> > sur
> > > > votre blog ou ajoutez-y des photos, des blagues et d'autres infos. C'est
> > > > gratuit !
> > > >
> > -------------------------------------------------------------------------
> > > > This SF.net email is sponsored by: Microsoft
> > > > Defy all challenges. Microsoft(R) Visual Studio 2005.
> > > >
> > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > > > _______________________________________________
> > > > Openvpn-users mailing list
> > > > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> > > >
> > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> > > >
> > > >
> >
> >
> > ________________________________
> > Besoin d'un e-mail ? Créez gratuitement un compte Windows Live Hotmail, la
> > boîte e-mail entièrement personnalisable ! au même endroit.
> > -------------------------------------------------------------------------
> > This SF.net email is sponsored by: Microsoft
> > Defy all challenges. Microsoft(R) Visual Studio 2005.
> > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > _______________________________________________
> > Openvpn-users mailing list
> > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> >
> >



Besoin d'un e-mail ? Créez gratuitement un compte Windows Live Hotmail et bénéficiez d'un filtre antivirus gratuit ! Windows Live Hotmail