Stunnel/Scp: Difference between revisions
From charlesreid1
(Created page with "This page covers a basic configuration for getting secure copy (SCP) working over an stunnel connection. =Overview= ==Setting up client== ==Setting up server== We want the...") |
|||
| Line 4: | Line 4: | ||
==Setting up client== | ==Setting up client== | ||
<pre> | |||
# client config, | |||
# will ssh directly to local port 2222 | |||
# ssh -p 2222 root@localhost | |||
# stunnel client connects to remote stunnel server at IP A.B.C.D over external port 443 | |||
output = /var/log/stunnel4/stunnel.log | |||
cert = /usr/local/etc/stunnel/stunnel.fullchain.pem | |||
key = /usr/local/etc/stunnel/stunnel.key.pem | |||
pid = /var/run/stunnel4/stunnel.pid | |||
client = yes | |||
[scp] | |||
accept = 2222 | |||
connect = 96.126.102.36:443 | |||
</pre> | |||
==Setting up server== | ==Setting up server== | ||
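Review bot: the [scp] service in the added client block sets client = yes but carries no verifyChain, CAfile or checkHost line, and stunnel does not verify the peer certificate unless told to, so this client will complete the TLS handshake with whatever host answers on port 443. Suggest adding verifyChain = yes together with a CAfile (and checkHost for the server's name) under [scp]. A smaller point in the same block: the comment refers to the server as A.B.C.D while the connect line hardcodes a literal address; use the placeholder in both places or drop it from the comment.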
Revision as of 03:04, 31 March 2017
This page covers a basic configuration for getting secure copy (SCP) working over an stunnel connection.
Overview
Setting up client
<pre>
# client config,
# will ssh directly to local port 2222
# ssh -p 2222 root@localhost
# stunnel client connects to remote stunnel server at IP A.B.C.D over external port 443
output = /var/log/stunnel4/stunnel.log
cert = /usr/local/etc/stunnel/stunnel.fullchain.pem
key = /usr/local/etc/stunnel/stunnel.key.pem
pid = /var/run/stunnel4/stunnel.pid
client = yes
[scp]
accept = 2222
connect = 96.126.102.36:443
</pre>
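The client configuration above never tells stunnel to verify the server certificate. The following added example (not part of the original page or of stunnel itself) parses an stunnel config, applies the rule that options before the first section are inherited defaults, and lists client services that connect without verification. The function names, the CAfile path and the checkHost name are assumptions made for illustration.

```python
# Added example (not from the original page): find stunnel client services
# that never authenticate the server certificate.
def parse_stunnel_conf(text):
    """Return (defaults, services). Options placed before the first
    [section] act as defaults inherited by every service section."""
    defaults, services, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1], {})
            continue
        key, sep, value = line.partition("=")
        if sep:
            target = defaults if current is None else current
            target[key.strip().lower()] = value.strip()
    return defaults, services

def verifies_server(opts):
    """True if the merged options make certificate verification mandatory."""
    if any(opts.get(k, "no").lower() == "yes" for k in ("verifychain", "verifypeer")):
        return True
    # Legacy numeric option: levels 2-4 require a valid peer certificate.
    return opts.get("verify", "0") in {"2", "3", "4"}

def unauthenticated_clients(text):
    """List (service, connect target) for client services without verification."""
    defaults, services = parse_stunnel_conf(text)
    findings = []
    for name, opts in services.items():
        merged = {**defaults, **opts}
        if merged.get("client", "no").lower() == "yes" and not verifies_server(merged):
            findings.append((name, merged.get("connect")))
    return findings

# The page's client config, trimmed to the options that matter here.
PAGE_CLIENT = """
client = yes
[scp]
accept = 2222
connect = 96.126.102.36:443
"""
# Constructed variant: CAfile path and checkHost name are placeholders.
HARDENED_CLIENT = PAGE_CLIENT.replace(
    "[scp]", "[scp]\nverifyChain = yes\nCAfile = /path/to/ca.pem\ncheckHost = tunnel.example.org")

if __name__ == "__main__":
    print(unauthenticated_clients(PAGE_CLIENT), unauthenticated_clients(HARDENED_CLIENT))
```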
Setting up server
We want the stunnel server to listen on port 443 and forward traffic to port 22 (scp uses the same port as SSH).
The only difference from the Stunnel/SSH server config file is the service name in the section header ([scp]):
<pre>
# server config,
# stunnel server will listen for stunnel clients connecting on port 443
# traffic will be decrypted and forwarded to local port 22
output = /var/log/stunnel4/stunnel.log
cert = /etc/stunnel/stunnel.fullchain.pem
key = /etc/stunnel/stunnel.key.pem
pid = /var/run/stunnel4/stunnel.pid
client = no
[scp]
accept = 443
connect = 127.0.0.1:22
</pre>