I do not know about stunnel, but I noticed one thing and it cought my attention.
IS 192.168.0.5 your local IP or is it the remote IP? If it is remote IP, then it seems that you should connect to your local end of the stunnel, instead of a remote IP when connecting to mysql. That way the stunnel would reach to the remote IP encrypted. (Presumed stunnel operates similar way SSH tunneling does.) Regards, Petri > I am trying to use secure MySQL connections with stunnel ver. 4. I have > the > following conf files for the server and the client. > > > > > > Server: > > > > cert = /etc/stunnel/stunnel.pem > > chroot = /var/tmp/stunnel > > > > #PID is created inside chroot jail > > pid = /stunnel.pid > > > > setuid = nobody > > setgid = nobody > > > > client = no > > > > debug = 7 > > output = /stunnel.log > > > > [mysqls] > > accept = 3307 > > connect = 3306 > > > > > > Client: > > > > cert = /etc/stunnel/stunnel.pem > > chroot = /var/tmp/stunnel > > > > # PID is created inside chroot jail > > pid = /stunnel.pid > > > > setuid = nobody > > setgid = nobody > > > > client = yes > > > > debug = 7 > > output = /stunnel.log > > > > [mysqls] > > accept = 3306 > > connect = 192.168.0.5:3307 > > > > I have stunnel running on both the server and the client. After this I am > simply using mysql -h 192.168.0.5 -u mysqluser -p to connect to the mysql > server. It connects fine. But when I tcpdump data on eth0 it shows > transmission is plain text. That means my client is not communicating with > the server through stunnel. And stunnel is also not generating any log. > > > > > > What am I missing? > > > > Thanks in advance. > > > > Nash > > _______________________________________________ > General mailing list > General at brlug.net > http://brlug.net/mailman/listinfo/general_brlug.net >
