Tom Shaw wrote:
As an example if I run Apache on my home machine, I'd like it to start the tunnel when I turn it on, have it automatically set up stunnel to a Linux box I have on the public net, and have anything to port 8090 on the Linux box get passed to my home machine 8080.
Easier to use ssh to port forward in this instance, IMHO. But why? Seems like just port mapping on the NAT router would work just as well and with no different effect on security.
Because I won't be able to add ssh or access the router in a number of cases where I need this, but I believe I'll have access to stunnel in many/most cases. Necessity is the mother of invention.
Maybe I am all wet but is seems to me that a) if you can put stunnel at both ends you can put ssh at both ends - saying that you would have access to stunnel and not ssh doesn't make any sense,
If stunnel already exists on the machines and ssh doesn't and I don't have permission to install it, it makes sense.
b) why wouldn't you have access to your own router?
If someone else installed it and didn't give me admin permission, for example, amongst other scenarios.
Tom