Randy McMurchy wrote: > I'm a bit confused by this as the actual stunnel program is only > used by the root user and is started at boot time using an rc > script. Seems this to me is the classic program that belongs in > /usr/sbin.
No, it is also useful for non-roots, in order to access external SSL-enabled servers by local non-SSL-aware clients. See, for example, from http://www.stunnel.org/examples/generic_tunnel.html: > So what we need is the following: > > foo > The local machine. > Stunnel listens on foo:pop3, forwards to bar:pop3s. That's what usually gets run by a non-root (on a different port) and thus wants stunnel in /usr/bin > bar > The remote mail machine. > Stunnel listens on bar:pop3s, forwards to bar:pop3. And that is indeed started from inetd or initscript. > So, we need to run the following on foo: > > stunnel -c -d pop3 -r bar:pop3s > > > and on bar: > > stunnel -p /path/to/stunnel.pem -d pop3s -r bar:pop3 > -- Alexander E. Patrakov -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
