Fork me on GitHub

安装stunnel

原创文章,未经允许,请勿转载

服务端安装(centos)

wget https://www.stunnel.org/downloads/stunnel-5.43.tar.gz
tar -xf stunnel-5.43.tar.gz
cd stunnel-5.43
yum install gcc openssl-devel -y
./configure
make
make install

#按要求输入一下信息或者一路回车,生成ssl证书
make cert

服务端配置文件路径:/usr/local/etc/stunnel/stunnel.conf,该目录下面有一个示例文件:stunnel.conf-sample可以参考,下面是我给svn和mysql数据库传输加密的配置,仅供参考

compression=zlib  
syslog=yes  
debug=7  
output=/var/log/stunnel.log  
setuid=root  
setgid=root  
pid=/var/run/stunnel.pid  
cert=/usr/local/etc/stunnel/stunnel.pem  
key=/usr/local/etc/stunnel/stunnel.pem  
client=no  

[svn]
accept=3691
connect=127.0.0.1:3690 

[mysql]
accept=3307
connect=127.0.0.1:3306

服务端启动直接运行命令stunnel即可,也可以编写一个启动脚本,请参考:

#!/bin/bash
#先停掉之前的进程
ps -efww|grep -w 'stunnel'|grep -v grep|cut -c 9-15|xargs kill -9
#启动新的
stunnel

或者执行以下脚本创建这个启动脚本:

cat > /root/run_stunnel << EOF
#!/bin/bash
#先停掉之前的进程
ps -efww|grep -w 'stunnel'|grep -v grep|cut -c 9-15|xargs kill -9
#启动新的
stunnel
EOF

chmod +x /root/run_stunnel

客户端支持多个操作系统,下载页面,可能需要翻-墙:https://www.stunnel.org/downloads.html

首先把服务器的证书文件:/usr/local/etc/stunnel/stunnel.pem 拷贝到客户端的配置目录config,然后编辑config\stunnel.conf

[svn]
client = yes
accept = 127.0.0.1:3691
connect = 112.23.26.255:3691
cert = stunnel.pem


[mysql]
client = yes
accept = 127.0.0.1:3307
connect = 112.23.26.255:3307
cert = stunnel.pem

最后启动客户端(windows为例):stunnel.bat

来源:悠游悠游,2017-05-11,原文地址:https://yymmss.com/p/install-stunnel.html