Dorai Ashok wrote: [Fri Mar 13 2009, 04:28:56PM EDT]
I was able to set up stunnel between two hosts successfully, but the only problem I am facing is that the SSL connection between the two hosts is not persistent. For every connection I make to the stunnel client, a new SSL connection is established by the stunnel client to the stunnel server.
Is there a configuration variable in stunnel which can make the SSL connection between stunnel client and server persistent?
stunnel always builds a new SSL connection for every connection it accepts on the client side. This is normally the right thing because the server might be an SSL application rather than another instance of stunnel.
It would be possible for stunnel to build a persistent SSL connection to the server if the server is known to be another stunnel instance, in which case every connection accepted on the client side would spawn a new "exec" or "connect" on the server, and the connections would be multiplexed over the single SSL connection. That would be a very nice feature to add to stunnel, but AFAIK it's not there right now.
It is, however, in openssh. This is what ssh -L port:remote:port does. That is probably where you need to look if you depend on this feature.
Regards, Aron