sites

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

commit 5543405891615c031bafd22be39f73c67d2dfeb9
parent 69d2426e2d8efed42cac3b9b91b104eacb456d92
Author: Josuah Demangeon <mail@josuah.net>
Date:   Sat, 10 Feb 2018 01:54:21 +0100

add a note for using ii for tls channels

Diffstat:
Mtools.suckless.org/ii/usage.md | 27+++++++++++++++++++++++++++
1 file changed, 27 insertions(+), 0 deletions(-)

diff --git a/tools.suckless.org/ii/usage.md b/tools.suckless.org/ii/usage.md @@ -56,3 +56,30 @@ hysteria lchat ----- [lchat](https://github.com/younix/lchat) is a line oriented terminal font-end. + +TLS/SSL +------- +To connect to a TLS/SSL encrypted channel, it is possible to use the [SSL patch](/patches/ssl) or a proxy: + +[stunnel](https://www.stunnel.org/) is a proxy for an unencrypted TCP connection to TLS: + +In `/etc/stunnel/stunnel.conf`: + + [irc.oftc.net] + accept = 127.0.0.1:<your-port> + connect = irc.oftc.net:6697 + +[inetd](http://man.openbsd.org/inetd) listens on multiple TCP ports and can connect a program standard input and output to a TCP socket. +This enables it to act as a simple proxy using any command line TLS client, such as [openssl s_client](http://man.openbsd.org/openssl#S_CLIENT), [brssl client](https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=tools/brssl.c;h=91372b09f42149a503f9d13db0b78cf0a123611e;hb=HEAD#l43), nc -ssl, socat... or any other: + +In `/etc/services`: + + irc-oftc <your port>/tcp + +In `/etc/inetd.conf`: + + irc-oftc stream tcp nowait nobody /usr/bin/openssl openssl s_client -quiet -connect irc.oftc.net:6697 + +Then a proxy should be available at localhost:<your port> for ii to connect to: + + ii -s 127.0.0.1 -p <your port>