[ale] NNTPS "tunnelling"?
Brian MacLeod
nym.bnm at gmail.com
Wed Apr 26 09:50:17 EDT 2006
>
> Nope, at least if it does, I'm too stupid to figure it out from the output
> of the command:
>
> fd0man at cinnamon:~$ stunnel -h
>
> ==
> stunnel [-h] [-V] [-c | -T] [-D level] [-C cipherlist] [-p pemfile]
> [-v level] [-A certfile] [-a directory] [-S sources] [-t timeout]
> [-u ident_username] [-s setuid_user] [-g setgid_group] [-n protocol]
> [-R randfile] [-E egdsock] [-B bytes] [-P { dir/ | filename | none } ]
> [-d [host:]port [-f] ]
> [-r [host:]port | { -l | -L } program [-- args] ]
>
> -h print this help screen
> -V print stunnel version and compile-time defaults
>
> -d [host:]port daemon mode (host defaults to INADDR_ANY)
> -r [host:]port connect to remote service (host defaults to INADDR_LOOPBACK)
> -l program execute local inetd-type program
> -L program open local pty and execute program
>
> -c client mode (remote service uses SSL)
> -f foreground mode (don't fork, log to stderr)
> -I host local IP address to be used as source for remote connections
> -T transparent proxy mode on hosts that support it
> -p pemfile private key and certificate chain PEM filename
> -v level verify peer certificate
> level 1 - verify peer certificate if present
> level 2 - require valid peer certificate always
> level 3 - verify peer with locally installed certificate
> -a directory client certificate directory for -v options
> -A certfile CA certificate for -v options
> -S sources which certificate source defaults to use
> 0 = ignore all defaults sources
> 1 = use ssl library defaults
> 2 = use stunnel defaults
> 3 = use both ssl library and stunnel defaults
> -t timeout session cache timeout
> -u user use IDENT (RFC 1413) username checking
> -n proto negotiate SSL with specified protocol
> currently supported: smtp, pop3, nntp
> -N name service name to use for tcp wrapper checking
> -s username setuid() to username in daemon mode
> -g groupname setgid() to groupname in daemon mode
> -P arg specify pid file { dir/ | filename | none }
> -C list set permitted SSL ciphers
> -E socket path to Entropy Gathering Daemon socket
> -B bytes how many bytes to read from random seed files
> -R file path to file with random seed data
> /dev/urandom is used when this option is not specified
> -W do not overwrite random seed datafiles with new random data
> -D [fac.]lev debug level (e.g. daemon.info)
> -O a|l|r:option=value[:value] set an option on accept/local/remote socket
> -o file append log messages to a file
>
> See stunnel -V output for default values
>
> fd0man at cinnamon:~$
> ==
>
> What I do see is options for a PEM file, certificate file, a random seed
> source, and a file for the pid ID.
>
> *shrugs*
>
> Perhaps, I'll just use it without the file. Still, very useful. I've used
> this before for debugging SSL connections over a tty, but I didn't realize
> that it would work with connecting a program to a remote SSL source.
> Thanks again!
>
> - Mike
Sorry I wasn't able to assist you further on this, but I am glad you are
still able to solve your issue in some way.
bnm