[stunnel-users] Username authentication
Brian Hatch
bri at stunnel.org
Fri Mar 7 10:34:25 CET 2008
About 2008-03-04 17:05 -0500, Joe Kemp voiced:
> I want to try to use stunnel as a "simple" client vpn.
> It solves all of my encryption issues but I would like to
> verify a username/password before it lets the traffic
> through. I didn't see any patches or hacks out there
> that did this. Has this been attempted before or am I on
> my own. I would also be interested in other solutions
> based on openssl that are not network device level VPNs
> clients.
You want to use X509 certificate verification. It's the way
authentication is done in the SSL world. It's built into Stunnel.
You may also want to look at tappipe, which is Michal's
VPN-over-Stunnel package. I use it very successfully for
a few of my connections.
> Already using client side certificates and I know that is the normal SSL authentication mechanism....
Then why don't you want to use them? ;-)
--
Brian Hatch Waltz, nymph, for quick jigs vex Bud.
Systems and --28 letter panagram
Security Engineer
http://www.ifokr.org/bri/
Every message PGP signed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080307/b7d8dca1/attachment.sig>
More information about the stunnel-users
mailing list