---
 tools.suckless.org/ii/usage.md | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/tools.suckless.org/ii/usage.md b/tools.suckless.org/ii/usage.md
index c9720dd..0d3fc13 100644
--- a/tools.suckless.org/ii/usage.md
+++ b/tools.suckless.org/ii/usage.md
@@ -56,3 +56,30 @@ hysteria
 lchat
 -----
 [lchat](https://github.com/younix/lchat) is a line oriented terminal font-end.
+
+TLS/SSL
+-------
+To connect to a TLS/SSL encrypted channel, it is possible to use the [SSL 
patch](/patches/ssl) or a proxy:
+
+[stunnel](https://www.stunnel.org/) is a proxy for an unencrypted TCP 
connection to TLS:
+
+In `/etc/stunnel/stunnel.conf`:
+
+       [irc.oftc.net]
+       accept = 127.0.0.1:<your-port>
+       connect = irc.oftc.net:6697
+
+[inetd](http://man.openbsd.org/inetd) listens on multiple TCP ports and can 
connect a program standard input and output to a TCP socket.
+This enables it to act as a simple proxy using any command line TLS client, 
such as [openssl s_client](http://man.openbsd.org/openssl#S_CLIENT), [brssl 
client](https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=tools/brssl.c;h=91372b09f42149a503f9d13db0b78cf0a123611e;hb=HEAD#l43),
 nc -ssl, socat... or any other:
+
+In `/etc/services`:
+
+       irc-oftc        <your port>/tcp
+
+In `/etc/inetd.conf`:
+
+       irc-oftc        stream  tcp     nowait  nobody  /usr/bin/openssl        
openssl s_client -quiet -connect irc.oftc.net:6697
+
+Then a proxy should be available at localhost:<your port> for ii to connect to:
+
+       ii -s 127.0.0.1 -p <your port>
-- 
2.14.2


Reply via email to