#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2002
    Posts
    409
    Rep Power
    13

    Question What the best SSL Tunnel wrapper: Stunnel, or SSLWrap?


    I'm on FreeBSD and I want to tunnel the VNC service. I'd like to do it at the server end, not the client.

    Basically I'm looking for the least resource intensive package:

    1. SSLWrap

    http://www.quiltaholic.com/rickk/sslwrap/

    2. Stunnel

    http://www.stunnel.org/

    OpenSSL

    http://www.openssl.org/
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2001
    Posts
    174
    Rep Power
    18


    VCR clock programmer and toaster repairman, best rates and best work around
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2002
    Posts
    409
    Rep Power
    13
    Hey Bob thanks.

    I have been trying Tight, but can't seem to get it to work.

    I tried:

    1) installing VNC, then installing Tight on top of it

    and

    2) Just installing TightVNC

    When I connected through VNC the same way as normal, I got some HTML code, but no desktop.

    Have you been getting it to work on FreeBSD?
    Last edited by Ted Striker; March 28th, 2002 at 10:37 PM.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2002
    Posts
    409
    Rep Power
    13
    Oh, alot of the mailing lists are saying SSLWrap hasn't been developed since 1999.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2001
    Posts
    174
    Rep Power
    18
    Sorry I have not used it yet I just read the features and figured that they say UNIX so I assumed.
    But I don't really see why? It would not work.

    ::actually it is in the ports tree under net
    Last edited by Bob Loblaw; March 28th, 2002 at 10:44 PM.


    VCR clock programmer and toaster repairman, best rates and best work around
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2002
    Posts
    409
    Rep Power
    13
    Okay.

    I've been using the ports, but no go. I must be overlooking something.
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2001
    Posts
    174
    Rep Power
    18
    did regular vnc work?


    VCR clock programmer and toaster repairman, best rates and best work around
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2002
    Posts
    409
    Rep Power
    13
    Regular VNC worked great with the default package install.

    Now the TightVNC seems to be working! Yes!!!

    I:

    1) Uninstalled VNC and TightVNC
    2) rebooted (I know this isn't windows but what the heck)
    3) Reinstalled just VNC through ports and tested to make sure it worked
    4) Shutdown VNC service
    5) rebooted
    6) installed TightVNC through ports
    7) started TightVNC the same way I would regular VNC

    I can already see a big performance improvement!

    Thanks for the tip Bob. I'll let you know how the secure sockets configuration goes.
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2001
    Posts
    174
    Rep Power
    18
    good stuff I am sure i will be using it sometime.


    VCR clock programmer and toaster repairman, best rates and best work around
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2002
    Posts
    409
    Rep Power
    13
    Well apparently there was at one time a patch that allowed you to run VNC through SSLeay. It is no longer maintained:

    http://web.mit.edu/thouis/oldvnc/

    All of the other solutions involve configuration of the client:

    1. SSL: http://stunnel.mirt.net/VNC_StunnelHOWTO.html

    2. SSH: http://www.uk.research.att.com/vnc/sshvnc.html

    Damn! No easy answer. I'd rathar have this going off on the server. Oh well.

IMN logo majestic logo threadwatch logo seochat tools logo