From charlesreid1


Revision as of 20:03, 4 August 2015

What is stunnel

Nominally, stunnel provides SSL encryption and decryption, which allows services not capable of SSL to communicate securely using SSL. (Example: if a mail server listens for unencrypted mail traffic on port 25, and clients send encrypted mail traffic on port 465, stunnel listens on port 465, decrypts the traffic, and then passes it to local port 25.)

But this can also be used to wrap arbitrary traffic in SSL. In the case of reverse SSH, this provides a way to "wrap" SSH connections in an SSL layer, to make it through the firewall and past intrusion detection systems.

See also RaspberryPi/Reverse SSH

Our stunnel setup will be as follows:

The stunnel client will be our Raspberry Pi.

The stunnel server will be our command and control server.

stunnel Server: Command and Control Server

Installing

Start by installing stunnel:

$ apt-get install -y stunnel4

Edit Configuration

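; log file
output = /var/log/stunnel4/stunnel.log
; certificate and private key presented to connecting clients
cert = /etc/ssl/stunnel.pem
key = /etc/ssl/stunnel.pem
pid = /var/run/stunnel.pid
; server mode: accept SSL on the accept address, pass plaintext to connect
client = no
[ssh]
accept = 10.0.0.19:443
connect = 127.0.0.1:22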

where 10.0.0.19 is the IP address of the command and control server.
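A small lint for the server-side configuration above, as an added example that is not part of the original page or of stunnel itself. The function names and the lint rules are assumptions of this example; the sample configurations are constructed from the values on this page.

```python
# Added example: lint a stunnel configuration intended for the server role.
# The rules below are this example's assumptions, not checks stunnel performs.

def parse_stunnel_conf(text):
    """Return (global_options, {service_name: options}) from stunnel.conf text."""
    global_opts, services, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1].strip(), {})
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue  # not an option line
        target = global_opts if current is None else current
        target[key.strip().lower()] = value.strip()
    return global_opts, services

def lint_server(text):
    """Return findings for a config that is meant to terminate SSL on 'accept'."""
    global_opts, services = parse_stunnel_conf(text)
    findings = []
    for name, opts in services.items():
        merged = {**global_opts, **opts}  # service options override global defaults
        if merged.get("client", "no").lower() == "yes":
            findings.append(f"[{name}] client = yes: SSL is not terminated on accept")
        elif "cert" not in merged:
            findings.append(f"[{name}] server mode without cert")
        for opt in ("accept", "connect"):
            if opt not in merged:
                findings.append(f"[{name}] missing {opt}")
    return findings

# Constructed sample input, using the addresses and paths shown on this page.
SAMPLE_CLIENT_MODE = """\
cert = /etc/ssl/stunnel.pem
client = yes
[ssh]
accept = 10.0.0.19:443
connect = 127.0.0.1:22
"""
SAMPLE_SERVER_MODE = SAMPLE_CLIENT_MODE.replace("client = yes", "client = no")

if __name__ == "__main__":
    for label, conf in (("client mode", SAMPLE_CLIENT_MODE), ("server mode", SAMPLE_SERVER_MODE)):
        print(label, "->", lint_server(conf) or "no findings")
```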

stunnel Client: Raspberry Pi

Installing

Start by installing stunnel on the Pi:

apt-get install -y stunnel4