On Wed, 2016-03-30 12:45:25 +0000, Juhasz Gabor wrote:
Hi Ludolf,
Thanks for you reply.
Yes, I mean how you wrote.
Could you write the name of this feature or doc to understand how it works.
Hi Gabor,
I don't have a link to post, but you don't need any special feature of stunnel.
The idea is to have two instances of stunnel, one of them on the client's host and the other on the server's host.
The client connects to the local stunnel instance (which is to be run in client mode, 'client = yes'). This stunnel instance establishes an encrypted connection to the instance on the server's host, which in turn sets up a clear-text connection to the server (which is to be run in server mode, 'client = no').
For instance, to encrypt a telnet connection:
client's host server's host +---------------+ +----------------+ | | | | | telnet client | | telnet server | | 127.0.0.1:x | | 127.0.0.23 | | : | | ^ | | : | | : | | V | | : | | 127.0.0.1:23 | | 127.0.0.1:z | | stunnel | | stunnel | | 1.2.3.4:y ===============> 5.6.7.8:992 | | | | | +---------------+ +----------------+
The vertical connections (with colons) are clear-text, the horizontal connection (with equal signs) is encrypted.
Ludolf