第 42 章 Stunnel - universal SSL tunnel

Homepage: http://www.stunnel.org/

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

1. install

   $ sudo apt-get install stunnel4
   			

2. enable stunnel

   			
   $ vim /etc/default/stunnel4
   # /etc/default/stunnel
   # Julien LEMOINE <speedblue@debian.org>
   # September 2003
   
   # Change to one to enable stunnel
   ENABLED=0
   FILES="/etc/stunnel/*.conf"
   OPTIONS=""
   
   # Change to one to enable ppp restart scripts
   PPP_RESTART=0
   			
   			

   edit /etc/default/stunnel4 file and change ENABLED=0 to ENABLED=1 to enable Stunnel

3. config

   $ sudo vim /etc/stunnel/stunnel.conf
   [pop3s]
   accept  = 995
   connect = 110
   
   [imaps]
   accept  = 993
   connect = 143
   
   [ssmtp]
   accept  = 465
   connect = 25
   
   [https]
   accept  = 443
   connect = 80		
   			

4. start

   $ sudo /etc/init.d/stunnel4 start			
   		

原文出处：Netkiller 系列 手札
本文作者：陈景峯
转载请与作者联系，同时请务必标明文章原始出处和作者信息及本声明。