[stunnel-users] Stunnel --- communication + encryption in both directions

Jan Meijer jan.meijer at surfnet.nl
Sun Jun 12 20:58:47 CEST 2005

On Tue, 7 Jun 2005, Paul Jones wrote:

> I am interested in using Stunnel, but I am a little confused currently.  The 
> "Forwarding an insecure port securely from one machine to another" 
> (http://www.stunnel.org/examples/generic_tunnel.html) example only discusses 
> the situation for sending data from the server to the client (i.e. a single 
> direction).  How would stunnel have to be set up so that encrypted 
> communication is achieved in both directions?  That is, from server to client 
> and also from client to server?
> Imagine that there is an application running on one end, and an identical app 
> running on the other end and neither supports encryption.  So I want to bring 
> stunnel into the picture, so that communication is encrypted/decrypted on 
> both ends.

It depends.  If both applications can initiate the tunnel then you need to 
establish two tunnels; one from A to B and one from B to A.  If only one 
of the two apps (say A) ever *initiates* a TCP conversation you can 
suffice with one tunnel, but you already know that, I guess.
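
Added example, not part of the original message or of the stunnel documentation: a two-tunnel layout for the case where both hosts can initiate, written as one stunnel.conf per host. Host names, ports and file paths are assumptions; on each host the unencrypted application is assumed to listen on 127.0.0.1:7000 and to be pointed at 127.0.0.1:7001 instead of the remote host. Each TLS connection protects the data flowing in both directions on it; the second tunnel exists only so that the other side can open connections too.

```ini
; ===== stunnel.conf on host A (constructed example) =====
; A's certificate and private key, and the CA that signed both hosts' certificates
cert = /etc/stunnel/hostA.pem
CAfile = /etc/stunnel/ca.pem
; Require a valid peer certificate on every tunnel, so both ends authenticate
; (stunnel 5.x option; older releases use "verify = 2")
verifyChain = yes

; Tunnel A -> B: the app on A connects here in plaintext on loopback only
[a-to-b]
client = yes
accept = 127.0.0.1:7001
connect = hostB.example:8443
checkHost = hostB.example

; Tunnel B -> A: TLS arrives from B and is handed to the local app
[b-to-a]
accept = 8443
connect = 127.0.0.1:7000

; ===== stunnel.conf on host B (mirror image of A) =====
cert = /etc/stunnel/hostB.pem
CAfile = /etc/stunnel/ca.pem
verifyChain = yes

; Tunnel B -> A: the app on B connects here in plaintext on loopback only
[b-to-a]
client = yes
accept = 127.0.0.1:7001
connect = hostA.example:8443
checkHost = hostA.example

; Tunnel A -> B: TLS arrives from A and is handed to the local app
[a-to-b]
accept = 8443
connect = 127.0.0.1:7000
```

If only host A ever initiates, host A keeps just its client section and host B keeps just its server section. Binding the plaintext side to 127.0.0.1 keeps the unencrypted port off the network.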



