Install stunnel on Ubuntu
Open the terminal and run the following command
$ sudo apt-get install stunnel4
Configure stunnel
First we need to enable stunnel
Enabling stunnel
$ sudo vi /etc/default/stunnel4
Change the line,
ENABLED=0
to
ENABLED=1
Save and exit the file
Create your certificate with openssl (Optional)
$ openssl req -new -out mail.pem -keyout mail.pem -nodes -x509 -days 365
Put this file wherever your /etc/stunnel/stunnel.conf points to mail.pem. Mine points to /etc/stunnel/mail.pem. Because of the -nodes option, the private key inside mail.pem is not encrypted, so keep the file readable only by root.
Start your stunnel server
$ sudo /etc/init.d/stunnel4 start
If you get an error like "You should check that you have specified the pid= in you configuration file", open up /etc/stunnel/stunnel.conf and comment out these services, which may be enabled by default.
;[pop3s]
;accept = 995
;connect = 110
;[imaps]
;accept = 993
;connect = 143
;[ssmtp]
;accept = 465
;connect = 25
Example of setting up remote desktop for stunnel
Edit your /etc/stunnel/stunnel.conf.
Add the contents,
[rdp]
accept = 2000
connect = 192.168.2.10:7422
and uncomment the line that says ;client = yes. This should be done on the client side. Restart stunnel: /etc/init.d/stunnel4 restart.
Note: My SSH server port is configured on 7422.
The accept variable (port) can be anything. The connect variable should be the host you are trying to connect to with the port appended to it.
On the server side, you would do something similar. Just add to your stunnel.conf
[rdp]
accept = 22
connect = 3389
and start the stunnel server.
$ sudo /etc/init.d/stunnel4 start
Now we need to connect to the remote desktop. On the client, we set the accept port to 2000 and mapped it to the server at 192.168.2.10:7422, so we connect to the remote desktop server through the client itself. Just issue the command,
$ rdesktop localhost:2000
On the client side, stunnel finds the service in its stunnel.conf that accepts port 2000 and then actually performs the connect, which is to host 192.168.2.10 on port 7422. On the server end, stunnel gets a request on port 22 and actually connects to port 3389, the one remote desktop is running on.
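To check an edited stunnel.conf before restarting, the script below lists which services are still active, which mode each runs in, and where it listens and connects. It is an added example, not part of the original post; the function names and the two sample configs (built from the snippets above, with an assumed cert line) are illustrative.

```python
# Added example, not from the original post. The sample configs are constructed
# from the snippets on this page; the cert line is assumed from the text.
CLIENT_CONF = """\
cert = /etc/stunnel/mail.pem
client = yes
;[pop3s]
;accept = 995
[rdp]
accept = 2000
connect = 192.168.2.10:7422
"""
SERVER_CONF = "cert = /etc/stunnel/mail.pem\n[rdp]\naccept = 22\nconnect = 3389\n"

def parse_stunnel_conf(text):
    """Return (global_options, {service: options})."""
    global_opts, services, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":  # blank or commented-out line
            continue
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1].strip(), {})
            continue
        key, sep, value = line.partition("=")
        if sep:  # options before the first [section] are global
            (global_opts if current is None else current)[key.strip()] = value.strip()
    return global_opts, services

def summarise(text):
    """Return (rows, problems) for the active services."""
    global_opts, services = parse_stunnel_conf(text)
    rows, problems, seen = [], [], {}
    for name, opts in services.items():
        # A service-level "client" overrides the global one; the default is "no".
        client = opts.get("client", global_opts.get("client", "no")).lower() == "yes"
        accept, connect = opts.get("accept"), opts.get("connect")
        # Client mode: plaintext in, TLS out. Server mode: TLS in, plaintext out.
        rows.append({"service": name, "client": client, "accept": accept,
                     "connect": connect, "listens": "plaintext" if client else "TLS"})
        if accept is None or connect is None:
            problems.append(f"[{name}] is missing accept or connect")
        elif accept in seen:  # exact string match only
            problems.append(f"[{name}] and [{seen[accept]}] both accept on {accept}")
        else:
            seen[accept] = name
    return rows, problems

if __name__ == "__main__":
    for conf in (CLIENT_CONF, SERVER_CONF):
        print(*summarise(conf), sep="\n")
```

A default service that was not commented out shows up as an extra row, and a client config where ;client = yes is still commented reports "listens": "TLS" instead of "plaintext".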