Revision history for InstallingAndConfiguringStunnelOnCentos6


Revision [161]

Last edited on 2018-09-04 22:39:51 by ShaunC
Additions:
Sorry this page doesn't redirect you automatically anymore. There were too many spam bots following the 301 redirect and cluttering my logs.
Deletions:
Sorry this doesn't redirect you automatically anymore. There were too many spam bots following the 301 redirect and cluttering my logs.


Revision [160]

Edited on 2018-09-04 22:39:33 by ShaunC
Additions:
**This page has moved** to **[[https://shaunc.com/blog/article/installing-and-configuring-stunnel-on-centos-6~4xYL_CVcYbqb|Installing and Configuring stunnel on CentOS 6]]**
Sorry this doesn't redirect you automatically anymore. There were too many spam bots following the 301 redirect and cluttering my logs.
Deletions:
Install ##stunnel##
%%yum install stunnel%%
Create certificate
%%cd /etc/pki/tls/certs/ && make stunnel.pem%%
Generate Diffie-Hellman initialization parameters
%%[root@foo certs]# dd if=/dev/urandom count=64 | openssl dhparam -rand - 2048
0 semi-random bytes loaded
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
.64+0 records in
64+0 records out
32768 bytes (33 kB) copied, 0.020178 s, 1.6 MB/s
....................+..[snip lots of output]...++*++*++*
-----BEGIN DH PARAMETERS-----
MIGHAoGBAN1puC8VOxyqydITSDisVIpoFrwLS6yLqwykT/V5I96UPdgWFXwg96Kx
L6yd5JnK4BK1aoJZiyoO+AVanwQs2BBCGXKEY5YTQJSErwe+vbnNmnQtzMIto2wj
0hkQHbqc4+Q2KTfjJpIhzVO/JL8WS5Ko6LDyEzKh7Se1Gg80wqyjAgEC
-----END DH PARAMETERS-----%%
Append the resulting DH PARAMETERS block (above) to /etc/pki/tls/certs/stunnel.pem
Create the ##/etc/stunnel/stunnel.conf## file
%%; stunnel configuration file
debug = 3
output = /var/log/stunnel.log
setuid = nobody
setgid = nobody
pid = /var/run/stunnel/stunnel.pid
cert = /etc/pki/tls/certs/stunnel.pem
options = NO_SSLv2
options = NO_SSLv3
options = SINGLE_ECDH_USE
options = SINGLE_DH_USE
[securesquid]
accept = 3138
connect = 3128%%
Create a directory for the pidfile
%%mkdir /var/run/stunnel && chown nobody /var/run/stunnel%%
Run ##stunnel## and inspect ##/var/log/stunnel.log##, if things aren't working, set ##debug = 7## in the config file and try again
When working, add to ##/etc/rc.local## or create an init script to run it as a service
-----
[[CategoryCentos6]] [[CategoryLinux]]


Revision [114]

Edited on 2017-04-08 13:25:30 by ShaunC [1024 -> 2048]
Additions:
%%[root@foo certs]# dd if=/dev/urandom count=64 | openssl dhparam -rand - 2048
Deletions:
%%[root@foo certs]# dd if=/dev/urandom count=64 | openssl dhparam -rand - 1024
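Review bot: the command line now asks for 2048 bits, but the captured output that follows it on the page (visible in the Revision [160] deletions) still reads "Generating DH parameters, 1024 bit long safe prime", so the command and its sample output no longer agree. Re-run the command and replace the captured output and the pasted DH PARAMETERS block in the same edit, so that a reader who appends the block to stunnel.pem gets parameters of the size the command states. The same capture also shows "0 semi-random bytes loaded", which suggests the data piped from dd via `-rand -` was not read as seed material; it is worth confirming that when the output is regenerated.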


Revision [87]

Edited on 2016-06-22 20:24:24 by ShaunC [1024 -> 2048]
Additions:
-----
[[CategoryCentos6]] [[CategoryLinux]]


Revision [86]

The oldest known version of this page was created on 2016-06-22 20:23:52 by ShaunC [1024 -> 2048]