# # # http://www.rickk.com/sslwrap/ # # # REQUIRES openssl to be installed first # ====================================== # # tar zxvfp sslwrap.tar.gz # cd sslwrap206 # # redhat:/usr/bin# ln -s egcs gcc -- make sure we using egcs # make cp sslwrap /usr/local/sbin/ # # # Make a self-signed certificate # ------------------------------ # cd /usr/local/ssl/certs /usr/local/ssl/bin/openssl req -new -x509 -nodes -out server.pem -keyout server.pem -days 365 ln -s server.pem `/usr/local/ssl/bin/openssl x509 -noout -hash < server.pem`.0 chmod 600 server.pem # # You can also use sslwrap without a certificate; to do this use the -nocert option # in the command line for either inetd or daemon mode. # # # == or == # http://security.fi.infn.it/tools/stunnel/index-en.html # # /usr/local/ssl/bin/openssl req -new -nodes -out req.pem -keyout key.pem -config /usr/local/ssl/lib/srv.cnf # # # Add secure port info to /etc/services # Add wrapper into to /etc/inetd.conf # # Restart inetd # # telnet localhost 110 -- secure port # # # # ---------------------------------------------------- # redhat:/usr/local/src/sslwrap206# gcc -v Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs gcc version 2.96 20000731 (Red Hat Linux 7.0) # # redhat:/usr/local/src/sslwrap206# make gcc -o sslwrap s_server.c s_socket.c s_cb.c -O2 -DFLAT_INC -DOPENSSL="\"openssl/\"" \ -L/usr/local/ssl/lib -lssl -lcrypto \ -I/usr/local/ssl/include \ s_server.c:124:17: junk at end of #include :124:17: /usr/local/ssl/include/openssl/ is a directory s_server.c:125:17: junk at end of #include :125:17: /usr/local/ssl/include/openssl/ is a directory # # # # FIX gcc problem # =============== # redhat:/usr/bin# ln -s egcs gcc -- make sure we using egcs # # redhat:/usr/local/src/sslwrap206# gcc -v Reading specs from /usr/lib/gcc-lib/i386-glibc21-linux/egcs-2.91.66/specs gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) # # # # -------------------------------------- # Redhat-7.0 already has pop3s defined # -------------------------------------- # # redhat:/usr/local/ssl/certs# vi /etc/xinetd.d/pop3s # redhat:/usr/local/ssl/certs# telnet localhost 110 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused redhat:/usr/local/ssl/certs# telnet localhost 995 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused # # # end of file