On Mon, May 7, 2012 at 8:43 AM, Balasubramaniam Natarajan <[email protected]> wrote: > Could someone please explain me what is the need for stunnel when we can > use ssh tunnel > > $ssh -L 5555:localhost:2222 [email protected] > > Here I tried to ssh to [email protected] and forwarded my localport 5555 > to the somemachine.com's 2222. I guess this is what even stunnel does. >
I have never used stunnel but stunnel is an SSL wrapper around insecure applications. It will not do port forwarding like ssh. Port forwarding is done by people like ssh, qemu, netcat, socat and so on. stunnel will not do it. Of course firewalls also do that. It is job of firewalls actually which rewrite packet headers. In the case of the above mentioned applications they setup listeners and connect using TCP or UDP sockets to create the illusion of packet header rewriting. Whereas stunnel only creates an SSL wrapper to secure braindead old insecure wire protocols. -Girish -- Gayatri Hitech http://gayatri-hitech.com _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
