Openvpn daemon with pinpad reader (automated environment)
Posted: Tue Apr 14, 2015 3:54 pm
Hello,
I intend to implement a PKI infrastructure for my Openvpn network in an automated environment. I have Openvpn running with Feitian eToken Epass2003 but with big disadvandages for an automated environment (openvpn routers):
- I use Openvpn as a daemon in my routers which don't have screens and keyboards.
- when I start the routers I should connect to the router via a serial interface, login into the root account, start openvpn manually, enter the pin for my Feitian ePass2300 token which I consider it a very impractical solution.
I intend to replace Feitian eTokens with Gemalto idbridge ct700 pinpad reader and a Feitian PKI smartcard.
Gemalto idbridge ct700 is libccid PC/SC compliant like my ePass2300.
My question is:
Does anybody has an experience with openvpn and libccid PC/SC compliant pinpad readers?
Does the pinpad reader asks for PIN when openvpn daemon starts? I mention that I will start opensc daemon befor I will start openvpn daemon.
Thank anyone who can help in any way!
I intend to implement a PKI infrastructure for my Openvpn network in an automated environment. I have Openvpn running with Feitian eToken Epass2003 but with big disadvandages for an automated environment (openvpn routers):
- I use Openvpn as a daemon in my routers which don't have screens and keyboards.
- when I start the routers I should connect to the router via a serial interface, login into the root account, start openvpn manually, enter the pin for my Feitian ePass2300 token which I consider it a very impractical solution.
I intend to replace Feitian eTokens with Gemalto idbridge ct700 pinpad reader and a Feitian PKI smartcard.
Gemalto idbridge ct700 is libccid PC/SC compliant like my ePass2300.
My question is:
Does anybody has an experience with openvpn and libccid PC/SC compliant pinpad readers?
Does the pinpad reader asks for PIN when openvpn daemon starts? I mention that I will start opensc daemon befor I will start openvpn daemon.
Thank anyone who can help in any way!