A Guide to Debugging Stunnel Connections

Start with Stunnel

Debugging stunnel is a lot easier if you can run stunnel in the foreground in one window, and monitor its output activity while you try and connect. This is true of monitoring stunnel on both the client side and the server side.

Just add these two lines to your stunnel.conf:

debug = 7
foreground = yes

Now, when you run the stunnel command, the output will be shown directly on the screen, and you'll be able to monitor what's happening with stunnel when you try and connect.

For example stunnel.conf files, see the following links:

• https://git.charlesreid1.com/docker/d-stunnel
• https://git.charlesreid1.com/rpi/pi-stunnel
• https://git.charlesreid1.com/mac/m-stunnel

There are also some wiki files with config files:

• https://charlesreid1.com/wiki/Stunnel/Rsync
• https://charlesreid1.com/wiki/Stunnel/SSH
• https://charlesreid1.com/wiki/Stunnel/Scp

Monitor stunnel log

check the log via:

[remote] $ tail -f /var/log/stunnel4/stunnel.log

Check your ports

Use nmap to scan the server and verify the external port you specified the stunnel server and client to use (443, or 273, or 8000, or whatever) should show up in the nmap scan as "open".

If you can't reach the server, you might have a firewall issue. Fix the firewall by using iptables.

#!/bin/bash
port=443
iptables -A INPUT -p tcp --dport ${port} -j ACCEPT
iptables -A FORWARD -p tcp -j ACCEPT --dport ${port} -m state --state NEW

Flags

stunnel secure tunnel - create secure encrypted connections on any port to wrap any protocol Stunnel  · Category:Stunnel Using: Client: Stunnel/Client Server: Stunnel/Server Stunnel Over Docker: Stunnel/Docker Certificates: Stunnel/Certificates Protocols: Stunnel/Rsync  · Stunnel/SSH  · Stunnel/Scp  · Stunnel/HTTP  · Stunnel/OpenVPN Other Links: RaspberryPi/Headless  · RaspberryPi/Reverse SSH Category:Stunnel  · Category:SSH  · Category:Networking Flags  · Template:StunnelFlag  · e

ssh secure shell, the most useful tool in unix SSH  · Category:SSH Tunnels: Building SSH tunnels: SSH Tunnels Tunnel SSH through HTTPS: Stunnel Tunnel SSH through DNS: Iodine Raspberry Pi and SSH: RaspberryPi/Headless  · RaspberryPi/Reverse SSH RaspberryPi/SSH Stunnel  · RaspberryPi/Reverse SSH Stunnel Category:SSH  · Category:Networking Linux and SSH: Linux/SSH Metasploitable/SSH Category:SSH  · Category:Kali  · Category:Networking Flags  · Template:SSHFlag  · e