On Tue, 7 Jun 2005, Paul Jones wrote:
I am interested in using Stunnel, but I am a little confused currently. The "Forwarding an insecure port securely from one machine to another" (http://www.stunnel.org/examples/generic_tunnel.html) example only discusses the situation for sending data from the server to the client (i.e. a single direction). How would stunnel have to be set up so that encrypted communication is achieved in both directions? That is, from server to client and also from client to server?
Imagine that there is an application running on one end, and an identical app running on the other end and neither supports encryption. So I want to bring stunnel into the picture, so that communication is encrypted/decrypted on both ends.
It depends. If both applications can initiate the tunnel then you need to establish two tunnels; one from A to B and one from B to A. If only one of the two apps (say A) ever *initiates* a TCP conversation you can suffice with one tunnel, but you already know that I guess.
Jan
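
The two-tunnel layout described in the reply above, as an added configuration example that is not part of the original thread. It assumes stunnel 5.x option names; the host names (hostA.example, hostB.example), ports (7000, 7001, 8443) and file paths are hypothetical, and the application on each host is assumed to listen on 127.0.0.1:7000.

```ini
; ===== Host A: stunnel.conf (all paths, names and ports are assumptions) =====

; Server end of tunnel B -> A: accept TLS from B, pass plaintext to the local app.
[app-in]
accept = 0.0.0.0:8443
connect = 127.0.0.1:7000
cert = /etc/stunnel/hostA.pem      ; certificate + private key for host A
CAfile = /etc/stunnel/ca.pem       ; CA that issued both hosts' certificates
verifyChain = yes                  ; require a peer certificate chaining to CAfile

; Client end of tunnel A -> B: the local app connects to 127.0.0.1:7001
; instead of contacting B directly; stunnel carries it to B over TLS.
[app-out]
client = yes
accept = 127.0.0.1:7001            ; loopback only, so the plaintext side is not exposed
connect = hostB.example:8443
cert = /etc/stunnel/hostA.pem
CAfile = /etc/stunnel/ca.pem
verifyChain = yes
checkHost = hostB.example          ; reject certificates issued for any other host

; ===== Host B: stunnel.conf (mirror image of host A) =====

; Server end of tunnel A -> B.
[app-in]
accept = 0.0.0.0:8443
connect = 127.0.0.1:7000
cert = /etc/stunnel/hostB.pem
CAfile = /etc/stunnel/ca.pem
verifyChain = yes

; Client end of tunnel B -> A.
[app-out]
client = yes
accept = 127.0.0.1:7001
connect = hostA.example:8443
cert = /etc/stunnel/hostB.pem
CAfile = /etc/stunnel/ca.pem
verifyChain = yes
checkHost = hostA.example
```

If only host A ever initiates, host A needs just its `[app-out]` section and host B just its `[app-in]` section; TCP is bidirectional once connected, so replies travel back through the same tunnel.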