Last Updated: February 25, 2016
· bt3gl

Setting up Stunnel in Fedora 20

Stunnel is an open-source program to provide TLS/SSL tunneling service. For instance, you can use it to connect to IRC or to I2P.


$ sudo yum install stunnel

Start Stunnel in the Boot

Configure stunnel to start automatically by adding the line bellow at /etc/default/stunnel:


Editing the Configuration File

Then replace the configuration file:

$ sudo cp /usr/share/doc/stunnel4/examples/stunnel.conf-sample /etc/stunnel/stunnel.conf

Adding the following, for example:

client = yes
accept = localhost:119
connect =

accept  = 995
connect = 110

accept  = 993
connect = 143

accept  = 465
connect = 25

client = yes
accept =
connect =

client = yes
accept =
connect =

client = yes
accept =
connect =

accept  = 443
connect = 80

Add Service to the Host Whitelist

Then, allow nntp in the /etc/hosts.allow file:


Setting Authentication Keys

Generate your private key (at /etc/stunnel):

$ openssl req -new -x509 -days 365 -nodes -out stunnel.pem -keyout stunnel.pem

You will have two files. One named priv.pem, the other stunnel.pem. You need to add the content of priv.pem into stunnel.pem to have a complete key. Then you move to your SSL certificates folder:

$ sudo mv stunnel.pem /etc/ssl/certs/stunnel.pem
$ chmod 600 /etc/ssl/certs/stunnel.pem


$ sudo stunnel

You can make sure it is running with:

$ ps aux | grep stunnel

That's it! Navigate safe!