[stunnel-users] Connecting stunnels

Juhasz Gabor Gabor.Juhasz at KONE.com
Thu Mar 31 08:16:24 CEST 2016


Hi Ludolf,

Thanks for you reply.

Sorry, my first explanation was a bit fuzzy.

I modofied your picture a bit to explain what I want :

   stunnel client          stunnel server          stunnel client
 +---------------+       +------------------+    +---------------+
 |               |       |                  |    |               |
 | telnet client |       |    5.6.7.8:993 <======== 4.5.6.7:y    |
 | 127.0.0.1:x   |       |      stunnel     |    |    stunnel    |
 |  :            |       |    127.0.0.1:q   |    |  127.0.0.1:p  |
 |  :            |       |         :        |    |       :       |
 |  V            |       |         :        |    |       :       |
 | 127.0.0.1:23  |       |    127.0.0.1:z   |    |       V       |
 | stunnel       |       |        stunnel   |    | 127.0.0.1:23  |
 | 1.2.3.4:y ===============> 5.6.7.8:992   |    |  telnetserver |
 |               |       |                  |    |               | 
 +---------------+       +------------------+    +---------------+ 

In the stunnel server I'd like to connect the 2 tunnels
in order that telnet client can connect to telnet server.

Does stunnel have some solution for it? Or Do you know some standard stable and easy solution for it in Linux?

Thanks & Kind regards,
Gabor

________________________________________
From: stunnel-users [stunnel-users-bounces at stunnel.org] on behalf of Ludolf Holzheid [lholzheid at bihl-wiedemann.de]
Sent: Wednesday, March 30, 2016 4:49 PM
To: stunnel-users at stunnel.org
Subject: Re: [stunnel-users] Connecting stunnels

On Wed, 2016-03-30 12:45:25 +0000, Juhasz Gabor wrote:
> Hi Ludolf,
>
> Thanks for you reply.
>
> Yes, I mean how you wrote.
>
> Could you write the name of this feature or doc to understand how it works.

Hi Gabor,

I don't have a link to post, but you don't need any special feature of
stunnel.


The idea is to have two instances of stunnel, one of them on the
client's host and the other on the server's host.

The client connects to the local stunnel instance (which is to be run
in client mode, 'client = yes').  This stunnel instance establishes an
encrypted connection to the instance on the server's host, which in
turn sets up a clear-text connection to the server (which is to be run
in server mode, 'client = no').

For instance, to encrypt a telnet connection:

  client's host            server's host
 +---------------+       +----------------+
 |               |       |                |
 | telnet client |       |  telnet server |
 | 127.0.0.1:x   |       |    127.0.0.23  |
 |  :            |       |     ^          |
 |  :            |       |     :          |
 |  V            |       |     :          |
 | 127.0.0.1:23  |       |    127.0.0.1:z |
 | stunnel       |       |        stunnel |
 | 1.2.3.4:y ===============> 5.6.7.8:992 |
 |               |       |                |
 +---------------+       +----------------+

The vertical connections (with colons) are clear-text, the horizontal
connection (with equal signs) is encrypted.


Ludolf

--

Ludolf Holzheid

Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany

Tel: +49 621 33996-0
Fax: +49 621 3392239

mailto:lholzheid at bihl-wiedemann.de
http://www.bihl-wiedemann.de

Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
_______________________________________________
stunnel-users mailing list
stunnel-users at stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users


More information about the stunnel-users mailing list