Secure OpenVPN config with PAM

Network security expert Anand Sastry explains the relationship between OpenVPN and TLS, and points out where to learn about using OpenVPN and PAM.

I was told that OpenVPN is actually an implementation of TLS VPN. Is this true? Also, could you guide me to any reference materials for using PAM (Pluggable Authentication Module) with TLS VPN (OpenVPN)?

You are correct. OpenVPN is an SSL/TLS implementation that supports site-to-site VPNs in user space (i.e. a product not requiring integration with the OS kernel, also known as "ring 0 space"). TLS is an SSLv3 implementation with some enhancements and fixes. The aim of TLS was to consolidate different SSL implementations. The SSL/TLS VPN implementation in OpenVPN supports encryption of link traffic exactly like IPsec VPNs. It is actively being developed and is a secure alternative to the more traditional appliance-based products.

PAM, or pluggable authentication module, is a flexible mechanism for authenticating users that provides a way to develop programs independent of the authentication scheme. A good place to start with OpenVPN config using PAM would be the readme for the auth-pam module. I have included the SVN link for v2.0.

This was first published in June 2010
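
As an added illustration (not part of the original answer, and not taken from the OpenVPN project's documentation), the fragment below shows how the auth-pam plugin ties together a server config, a PAM service file and a client config. The plugin path, the PAM service name `openvpn`, the host name, the address range and the certificate file names are assumptions; the module's file name and directory differ between OpenVPN versions and distributions.

```conf
# --- server.conf (OpenVPN server) ---
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0

# Load the auth-pam plugin. The argument is the PAM service name, i.e. the
# file under /etc/pam.d/ that decides how the username/password is checked.
# Assumed path: adjust to where your package installs the module.
plugin /usr/lib/openvpn/plugins/openvpn-plugin-auth-pam.so openvpn

# Keep certificate checks on, so the PAM password is required in addition
# to a valid TLS client certificate rather than instead of one.
ca   ca.crt
cert server.crt
key  server.key
dh   dh.pem

# Weak variant, shown commented out: either line turns off client
# certificate verification and leaves the password as the only credential.
# client-cert-not-required        # older releases
# verify-client-cert none         # OpenVPN 2.4 and later

# --- /etc/pam.d/openvpn (PAM service named on the plugin line) ---
# Check the password and the account status against the local accounts.
auth     required  pam_unix.so
account  required  pam_unix.so

# --- client.conf (OpenVPN client) ---
client
dev tun
proto udp
remote vpn.example.com 1194     # placeholder host name

# Prompt for the username/password that the server passes to PAM.
auth-user-pass
ca   ca.crt
cert client.crt
key  client.key
```

Swapping `pam_unix.so` for another PAM module changes the authentication back end without touching the OpenVPN configuration, which is the independence from the authentication scheme described above.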
