Last Updated: February 25, 2016
·
2.77K
· bt3gl

Setting up Stunnel in Fedora 20

Stunnel is an open-source program to provide TLS/SSL tunneling service. For instance, you can use it to connect to IRC or to I2P.

Installing:

$ sudo yum install stunnel

Start Stunnel in the Boot

Configure stunnel to start automatically by adding the line bellow at /etc/default/stunnel:

ENABLED=1

Editing the Configuration File

Then replace the configuration file:

$ sudo cp /usr/share/doc/stunnel4/examples/stunnel.conf-sample /etc/stunnel/stunnel.conf

Adding the following, for example:

[nntp]
client = yes
accept = localhost:119
connect = news.newshosting.com:563

[pop3s]
accept  = 995
connect = 110

[imaps]
accept  = 993
connect = 143

[ssmtp]
accept  = 465
connect = 25

[gmail-pop3]
client = yes
accept = 127.0.0.1:110
connect = pop.gmail.com:995

[gmail-imap]
client = yes
accept = 127.0.0.1:143
connect = imap.gmail.com:993

[gmail-smtp]
client = yes
accept = 127.0.0.1:25
connect = smtp.gmail.com:465

[https]
accept  = 443
connect = 80

Add Service to the Host Whitelist

Then, allow nntp in the /etc/hosts.allow file:

nttp: 127.0.0.1

Setting Authentication Keys

Generate your private key (at /etc/stunnel):

$ openssl req -new -x509 -days 365 -nodes -out stunnel.pem -keyout stunnel.pem

You will have two files. One named priv.pem, the other stunnel.pem. You need to add the content of priv.pem into stunnel.pem to have a complete key. Then you move to your SSL certificates folder:

$ sudo mv stunnel.pem /etc/ssl/certs/stunnel.pem
$ chmod 600 /etc/ssl/certs/stunnel.pem

Run!

$ sudo stunnel

You can make sure it is running with:

$ ps aux | grep stunnel

That's it! Navigate safe!