Using a Cryptographic Hardware Token with Linux: the OpenSSL Project's New Engine
PKI provides a high level of protection by allowing the signing of e-mails, encryption of sockets and other cryptographic functions. A large standards base has evolved around PKI, and the open-source domain has taken on the task of implementing those standards to a high degree. PKI is based on the now well known public/private key-pair interaction. In this interaction a public/private key-pair is generated, and the public-key is used by external entities to verify data signed or encrypted by the private key. The private-key is held securely by the owner. The key can be held secure by a passphrase on either an encrypted file or a hardware token.
The link for this article located at Linux Journal is no longer available.