# How can I SSL this?



## max21 (Jul 23, 2018)

Hello Everybody,

I been reading lots about openvpn, stunnel and all the rest.  The good thing is I now understand 70% unlike as of last week 40% at best.

For some reason I want to play with stunnel _first_!  I don’t care how powerful openvpn is as of right now.  I want it to do what seems impossible when using stunnel (I found nothing about this).  I simply want to make it connect to my VPS which has nothing on it but the FreeBSD  operating system and stunnel.  I just want to use pure ssl into my VPS.

FWIDK, I can connect to my remote KVM server using any web browser, but I also have tmux in a jail that I can easily use this command and go to town on it.  It’s the greatest thing I ever done when it comes to administrating a remote machine.  I never thought it was this simple but it took a bit to set it up correctly with the use of pf,  ssh_config and /etc/services.

```
ssh -p 2222 user1@111.222.333.444
```
But still, I need to know how to make my Mate stunnel connect to the VPS stunnel and do the same kind of stuff.  What applications am I’m missing?  Is this even possible?  If so, how?

Just because I can’t find any info about this on the internet don’t mean it’s Impossible.  It’s only impossible when FreeBSD user’s tell me so.  If what I am after is doable, it will take me far.  If not then it will take me farther because I’ll know the facts.


----------



## ShelLuser (Jul 23, 2018)

max21 said:


> For some reason I want to play with stunnel _first_!  I don’t care how powerful openvpn is as of right now.  I want it to do what seems impossible when using stunnel (I found nothing about this).  I simply want to make it connect to my VPS which has nothing on it but the FreeBSD  operating system and stunnel.  I just want to use pure ssl into my VPS.


"Connect" how exactly? You're a little vague about what it is exactly that you wish to accomplish here.

Also: what is "pure ssl" supposed to mean?

Anyway, when looking at the stunnel website you'll spot this:



> Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs' code. Its architecture is optimized for security, portability, and scalability (including load-balancing), making it suitable for large deployments.


As such the question: how do you want to connect? What service are you trying to proxy within stunnel?

But most of all: what exactly are you trying to accomplish here? You keep talking about "connecting" but that's rather vague; if you wish to establish a connection then simply ping the remote host and you've done just that, mission accomplished 

Anyway, when looking at the intended functionality of stunnel then my suggestion would be to check up with its documentation. Here is a document which explains how to set it up to encrypt services such as POP3, IMAP and MySQL.

Of course one could wonder how useful this actually is considering that most services provide native support for encrypted connections these days.


----------



## max21 (Jul 23, 2018)

With those leading comments, either you need a “full” two-weeks vacation or I guest I still don’t know how to engineer a simple FreeBSD question that cannot be put to shame.

So it seems that I was wrong but who else I’m going to ask.  All of you know ssl is all about stronger privacy for you, your site and your visitors.  I want to take it deeper which seems to make since to me … I was actually thinking that I could use stunnel in some kind of way where I could do the same type of thing as one would when he or she ssh into a remote server,  A _simple question cut-and-dried_ for any, regardless!   *Maybe my question should have been:*

How do I hook up (or whatever it’s called) my desktop to my VPS thru  secure socket layer with ssh riding on inside, _or wherever it belong_, and do all the wonderful things that simple ssh’ing into the machine can do?

I guest it must be a bit too much of a privacy issue but I’m going to achieve that much.  I’ build sh*t for that crap.  No clown can’t defeat common-since.  You brought upon the problems, now you want to drag me into the game (common people).   Cyber that!

Slightly on topic: https://secushare.org/PGP

If my new question is understandable; what type of tools would one need to accomplish this type of simplicity that even an Intel 80386 could understand?  One thing I do know and that is a machine is a machine and that’s all she wrote.  BTW:  That link explains nearly everything.  For now I think it will not do not do what I am after but I’m just getting into it right now.

Always appreciate you no matter what ShelLuser


----------



## max21 (Jul 23, 2018)

> tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet.



I forgot.  I tried to get around to this in a pervious thread, so evidently I posted about the wrong tool.  However, stunnel was the right tool that I was missing because it can provide the tunneling for this tool; tinc, or an extra layer of something needed.  Whatever the case after all I been reading that simple stunnel link IS the greatest crash-course into the working of cryptography I ever had.  Like crazy right.  I never had a real clue.  Now I do. 

Talk is cheap.
Have a great day!

https://forums.freebsd.org/threads/connecting-servers.65121/
https://forums.freebsd.org/threads/europe-throws-whois-privacy-plan-in-the-trash.66605/


----------

