Re: [hackers] [ii][PATCH] add a note for using ii for tls channels
Hiltjo Posthumawrote: > Sure, just add it to the wiki. That is why I need to rtfm (https://suckless.org/wiki in that case). Thank you!
Re: [hackers] [ii][PATCH] add a note for using ii for tls channels
On Sat, Feb 10, 2018 at 01:55:12AM +0100, Josuah Demangeon wrote: > --- > tools.suckless.org/ii/usage.md | 27 +++ > 1 file changed, 27 insertions(+) > > diff --git a/tools.suckless.org/ii/usage.md b/tools.suckless.org/ii/usage.md > index c9720dd..0d3fc13 100644 > --- a/tools.suckless.org/ii/usage.md > +++ b/tools.suckless.org/ii/usage.md > @@ -56,3 +56,30 @@ hysteria > lchat > - > [lchat](https://github.com/younix/lchat) is a line oriented terminal > font-end. > + > +TLS/SSL > +--- > +To connect to a TLS/SSL encrypted channel, it is possible to use the [SSL > patch](/patches/ssl) or a proxy: > + > +[stunnel](https://www.stunnel.org/) is a proxy for an unencrypted TCP > connection to TLS: > + > +In `/etc/stunnel/stunnel.conf`: > + > + [irc.oftc.net] > + accept = 127.0.0.1: > + connect = irc.oftc.net:6697 > + > +[inetd](http://man.openbsd.org/inetd) listens on multiple TCP ports and can > connect a program standard input and output to a TCP socket. > +This enables it to act as a simple proxy using any command line TLS client, > such as [openssl s_client](http://man.openbsd.org/openssl#S_CLIENT), [brssl > client](https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=tools/brssl.c;h=91372b09f42149a503f9d13db0b78cf0a123611e;hb=HEAD#l43), > nc -ssl, socat... or any other: > + > +In `/etc/services`: > + > + irc-oftc/tcp > + > +In `/etc/inetd.conf`: > + > + irc-oftcstream tcp nowait nobody /usr/bin/openssl > openssl s_client -quiet -connect irc.oftc.net:6697 > + > +Then a proxy should be available at localhost: for ii to connect > to: > + > + ii -s 127.0.0.1 -p > -- > 2.14.2 > > Sure, just add it to the wiki. -- Kind regards, Hiltjo
[hackers] [ii][PATCH] add a note for using ii for tls channels
--- tools.suckless.org/ii/usage.md | 27 +++ 1 file changed, 27 insertions(+) diff --git a/tools.suckless.org/ii/usage.md b/tools.suckless.org/ii/usage.md index c9720dd..0d3fc13 100644 --- a/tools.suckless.org/ii/usage.md +++ b/tools.suckless.org/ii/usage.md @@ -56,3 +56,30 @@ hysteria lchat - [lchat](https://github.com/younix/lchat) is a line oriented terminal font-end. + +TLS/SSL +--- +To connect to a TLS/SSL encrypted channel, it is possible to use the [SSL patch](/patches/ssl) or a proxy: + +[stunnel](https://www.stunnel.org/) is a proxy for an unencrypted TCP connection to TLS: + +In `/etc/stunnel/stunnel.conf`: + + [irc.oftc.net] + accept = 127.0.0.1: + connect = irc.oftc.net:6697 + +[inetd](http://man.openbsd.org/inetd) listens on multiple TCP ports and can connect a program standard input and output to a TCP socket. +This enables it to act as a simple proxy using any command line TLS client, such as [openssl s_client](http://man.openbsd.org/openssl#S_CLIENT), [brssl client](https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=tools/brssl.c;h=91372b09f42149a503f9d13db0b78cf0a123611e;hb=HEAD#l43), nc -ssl, socat... or any other: + +In `/etc/services`: + + irc-oftc/tcp + +In `/etc/inetd.conf`: + + irc-oftcstream tcp nowait nobody /usr/bin/openssl openssl s_client -quiet -connect irc.oftc.net:6697 + +Then a proxy should be available at localhost: for ii to connect to: + + ii -s 127.0.0.1 -p -- 2.14.2