[stunnel-users] Stunnel --- communication + encryption in both directions
jan.meijer at surfnet.nl
Sun Jun 12 20:58:47 CEST 2005
On Tue, 7 Jun 2005, Paul Jones wrote:
> I am interested in using Stunnel, but I am a little confused currently. The
> "Forwarding an insecure port securely from one machine to another"
> (http://www.stunnel.org/examples/generic_tunnel.html) example only discusses
> the situation for sending data from the server to the client (i.e. a single
> direction). How would stunnel have to be set up so that encrypted
> communication is achieve in both directions? That is, from server to client
> and also from client to server?
> Imagine that there is an application running on one end, and an identical app
> running on the other end and neither supports encryption. So I want to bring
> stunnel into the picture, so that communication is encrypted/decrypted on
> both ends.
It depends. If both applications can initiate the tunnel then you need to
establish two tunnels; one from A to B and one from B to A. If only one
of the two apps (say A) ever *initiates* a TCP conversation you can
suffice with one tunnel but you already know that i guess.
More information about the stunnel-users