Hello. One reason to opt for stunnel instead of ssh -L to secure a local non-ssl client is, that if user use stunnel, it can work transparently, start working only when a connection is listened, so user do not have to start ssh-L before using the client and do not have to shut it down after using the client.
However these days through the use of NetworkManager, the network interfaces are often not brought up when stunnel started as a system service. Instead, the network interfaces are brought up by users, in case of wifi or wan, after user typed password. I found I have to first start network interfaces, and run /etc/init.d/stunnel restart
to prepare to run the insecure client. Is there a way to run in stunnel in such a way it does nothing except listening, and can recover from network restart, which happens from time to time for road warriors like me?
Thanks in advance. I didn't find answer on FAQ by the way.
Zhang Weiwu wrote:
to prepare to run the insecure client. Is there a way to run in stunnel in such a way it does nothing except listening, and can recover from network restart, which happens from time to time for road warriors like
me?
I'm not sure what your configuration is, but for a road-warrior configuration you usually only need to listen on loopback (localhost) interface. This interface should be available regardless of any WLAN issues.
Your configuration file and error messages would help us to provide a more detailed diagnosis.
Mike
-
Michal Trojnara -
Zhang Weiwu