
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Stunnel and OpenSSL: Concepts
|
163
On the client system, you could simply run a telnets-capable Telnet client (they do
exist), or you could run Stunnel in client mode, using a service definition like that in
Example 5-8.
You could then use the stock Linux telnet command to connect to the client host’s
local Stunnel forwarder:
[schmoe@skillet ~]$ telnet localhost telnets
Sparing you the familiar Telnet session that ensues, what happens in this example is
the following:
1. Your telnet process connects to the local client-mode Stunnel process listening
on port TCP 992.
2. This client-mode Stunnel process opens an encrypted SSL tunnel to the server-
mode Stunnel process listening on port TCP 992 on the remote system.
3. Once the tunnel is established, the remote (server-mode) Stunnel process starts
its local in.telnetd daemon.
4. The client-mode Stunnel process then forwards your Telnet session through the
tunnel, and the remote Stunnel daemon hands the Telnet packets to the in.telnetd
service it started.
By the way, if I haven’t made this clear yet, the client and server Stunnel processes
may use different listening ports. Again, just make sure that on each host:
• You choose a port not already being listened on by some other process.
• The client daemon sends to the same port on which the