Hello, Forum, Perfect Privacy,
Using stunnel now from the setup on your excellent tutorial on several Ubuntu 20 machines, with both stunnel and openvpn from the command line. We're also assuming that stunnel cannot be done from the xwindows gui app on Ubuntu, but we prefer command line anyway. So:
1. Must the "connect" option in the stunnel .conf file have the same IP as the "route" option in the opepvpn .conf file? Would it work to open the stunnel to Rotterdam3 but connect through the stunnel to Amsterdam4, for example? This would be something like a makeshift "double hop" if it worked, but we're guessing connect and route must have the same IP, but we could save a lot of typing if we could use just one stunnel for several openvpn .conf files.
2. Can we include a little tighter security in stunnel .conf file by putting stunnel .conf files in:
/etc/stunnel/conf.d/default.conf
The website: https://www.stunnel.org/config_unix.html shows this as possible in the stunnel .conf file:
<<
; It is recommended to drop root privileges if stunnel is started by root
;setuid = nobody
;setgid = nogroup
...
; **************************************************************************
; * Include all configuration file fragments from the specified folder *
; **************************************************************************
;include = /usr/local/etc/stunnel/conf.d
>>
If there is not advantage to this, then we'll skip it.
German or English is fine for this thread. I've read through the threads in both languages here, and I did not see this particular question.
Many Thanks!
Using stunnel now from the setup on your excellent tutorial on several Ubuntu 20 machines, with both stunnel and openvpn from the command line. We're also assuming that stunnel cannot be done from the xwindows gui app on Ubuntu, but we prefer command line anyway. So:
1. Must the "connect" option in the stunnel .conf file have the same IP as the "route" option in the opepvpn .conf file? Would it work to open the stunnel to Rotterdam3 but connect through the stunnel to Amsterdam4, for example? This would be something like a makeshift "double hop" if it worked, but we're guessing connect and route must have the same IP, but we could save a lot of typing if we could use just one stunnel for several openvpn .conf files.
2. Can we include a little tighter security in stunnel .conf file by putting stunnel .conf files in:
/etc/stunnel/conf.d/default.conf
The website: https://www.stunnel.org/config_unix.html shows this as possible in the stunnel .conf file:
<<
; It is recommended to drop root privileges if stunnel is started by root
;setuid = nobody
;setgid = nogroup
...
; **************************************************************************
; * Include all configuration file fragments from the specified folder *
; **************************************************************************
;include = /usr/local/etc/stunnel/conf.d
>>
If there is not advantage to this, then we'll skip it.
German or English is fine for this thread. I've read through the threads in both languages here, and I did not see this particular question.
Many Thanks!