[stunnel-users] Use stunnel through firewall for home Web server?

Tom Shaw tshaw at oitc.com
Sat Jan 24 15:56:30 CET 2009


At 1:58 PM +0100 1/24/09, Bill Eldridge wrote:
>Tom Shaw wrote:
>>>>>
>>>>>As an example if I run Apache on my home machine, I'd like it to 
>>>>>start the tunnel when
>>>>>I turn it on, have it automatically set up stunnel to a Linux 
>>>>>box I have on the public net,
>>>>>and have anything to port 8090 on the Linux box get passed to my 
>>>>>home machine 8080.
>>>>>
>>>>
>>>>Easier to use ssh to port forward in this instance, IMHO. But 
>>>>why? Seems like just port mapping on the NAT router would work 
>>>>just as well and with no different effect on security.
>>>Because I won't be able to add ssh or access the router in a 
>>>number of cases where I need this,
>>>but I believe I'll have access to stunnel in many/most cases. 
>>>Necessity is the mother of invention.
>>
>>Maybe I am all wet but it seems to me that a) if you can put 
>>stunnel at both ends you can put ssh at both ends - saying that you 
>>would have access to stunnel and not ssh doesn't make any sense,
>If stunnel already exists on the machines and ssh doesn't and I don't
>have permission to install it, it makes sense.
>>b) why wouldn't you have access to your own router?
>If someone else installed it and didn't give me admin permission, for example,
>amongst other scenarios.

Still confused.

The premise you explained was, "I run Apache on my home machine, I'd 
like it to start the tunnel when I turn it on, have it automatically 
set up stunnel to a Linux box I have on the public net, and have 
anything to port 8090 on the Linux box get passed to my home machine 
8080."

In your scenario, you fundamentally want your home machine to accept 
connections from the public internet on port 8090. The simplest way 
is to configure Apache to accept connections from port 8090 and allow 
port forwarding through your home router.

Your scenario seems to require connections to be made to your public 
Linux machine. I can only imagine why, as there are plenty of simpler 
ways of associating a host with an IP or dealing with dynamic DNS, 
etc. But OK, it's your Linux machine and your home machine and you now 
say that your Linux distro didn't come with ssh - weird. So why not 
configure your Linux Apache to provide reverse proxy services for 
your home machine? Or create a VPN between your home machine and your 
public Linux machine.

Your comment that you don't have access to either machine with admin 
privileges (your latest comment above) begs the obvious question as 
to how do you even expect to be able to configure stunnel or Apache?

Sorry that I don't understand the problem you are trying to solve.






