RaspberryPi/SSH Stunnel: Difference between revisions
From charlesreid1
(Admin moved page RaspberryPi/Reverse SSH Stunnel to RaspberryPi/Old Reverse SSH Stunnel) |
No edit summary |
||
| Line 1: | Line 1: | ||
=What is stunnel= | |||
Nominally, stunnel provides SSL encryption and decryption, which provides services not capable of SSL to communicate securely using SSL. (Example: if a mail server listens for unencrypted mail traffic on port 25, and clients send encrypted mail traffic on port 465, stunnel listens on port 465, passes traffic through stunnel to decrypt it, and then passes it to local port 25. | |||
But this can also be used to wrap arbitrary traffic in SSL. In the case of reverse SSH, this provides a way to "wrap" SSH connections in an SSL layer, to make it through the firewall and past intrusion detection systems. | |||
See also [[RaspberryPi/Reverse SSH]] | |||
Our stunnel setup will be as follows | |||
The stunnel client will be our Raspberry Pi. | |||
The stunnel server will be our command and control server. | |||
=stunnel Server: Command and Control Serve | |||
==Installing== | |||
Start by installing stunnel: | |||
<pre> | |||
$ atp-get install -y stunnel4 | |||
</pre> | |||
=stunnel Client: Raspberry Pi= | |||
==Installing== | |||
Start by installing stunnel on the Pi: | |||
<pre> | |||
apt-get install -y stunnel4 | |||
</pre> | |||
Revision as of 19:58, 4 August 2015
What is stunnel
Nominally, stunnel provides SSL encryption and decryption, which provides services not capable of SSL to communicate securely using SSL. (Example: if a mail server listens for unencrypted mail traffic on port 25, and clients send encrypted mail traffic on port 465, stunnel listens on port 465, passes traffic through stunnel to decrypt it, and then passes it to local port 25.
But this can also be used to wrap arbitrary traffic in SSL. In the case of reverse SSH, this provides a way to "wrap" SSH connections in an SSL layer, to make it through the firewall and past intrusion detection systems.
See also RaspberryPi/Reverse SSH
Our stunnel setup will be as follows
The stunnel client will be our Raspberry Pi.
The stunnel server will be our command and control server.
=stunnel Server: Command and Control Serve
Installing
Start by installing stunnel:
$ atp-get install -y stunnel4
stunnel Client: Raspberry Pi
Installing
Start by installing stunnel on the Pi:
apt-get install -y stunnel4