[stunnel-users] Stunnel PSK authentication

Michal Trojnara Michal.Trojnara at mirt.net
Thu Dec 11 23:38:11 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear Users,

Starting with stunnel-5.09b1 it is now possible to use stunnel without
certificates.
https://www.stunnel.org/downloads.html

Example server configuration is:

[PSK server]
accept = <stunnel_port>
connect = <dst_port>
PSKsecrets = psk.txt

, where the psk.txt may contain the following lines:

test1:oaP4EishaeSaishei6rio6xeeph3az
test2:yah5uS4aijooxilier8iaphuwah1Lo

Example client configuration:

[PSK client 1]
client = yes
accept = 127.0.0.1:<src_port>
connect = <stunnel_ip>:<stunnel_port>
PSKsecrets = psk1.txt
PSKidentity = test1

The psk1.txt file only needs to contain:

test1:oaP4EishaeSaishei6rio6xeeph3az

Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlSKHNMACgkQ/NU+nXTHMtE72wCg/EZp4NdVnkrQFffGVWZO65lE
QucAn3ddp+yTDruP+gNkevf///0olb1+
=o0k3
-----END PGP SIGNATURE-----


More information about the stunnel-users mailing list