--- tools.suckless.org/ii/usage.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/tools.suckless.org/ii/usage.md b/tools.suckless.org/ii/usage.md index c9720dd..0d3fc13 100644 --- a/tools.suckless.org/ii/usage.md +++ b/tools.suckless.org/ii/usage.md _AT_@ -56,3 +56,30 @@ hysteria lchat ----- [lchat](https://github.com/younix/lchat) is a line oriented terminal font-end. + +TLS/SSL +------- +To connect to a TLS/SSL encrypted channel, it is possible to use the [SSL patch](/patches/ssl) or a proxy: + +[stunnel](https://www.stunnel.org/) is a proxy for an unencrypted TCP connection to TLS: + +In `/etc/stunnel/stunnel.conf`: + + [irc.oftc.net] + accept = 127.0.0.1:<your-port> + connect = irc.oftc.net:6697 + +[inetd](http://man.openbsd.org/inetd) listens on multiple TCP ports and can connect a program standard input and output to a TCP socket. +This enables it to act as a simple proxy using any command line TLS client, such as [openssl s_client](http://man.openbsd.org/openssl#S_CLIENT), [brssl client](https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=tools/brssl.c;h=91372b09f42149a503f9d13db0b78cf0a123611e;hb=HEAD#l43), nc -ssl, socat... or any other: + +In `/etc/services`: + + irc-oftc <your port>/tcp + +In `/etc/inetd.conf`: + + irc-oftc stream tcp nowait nobody /usr/bin/openssl openssl s_client -quiet -connect irc.oftc.net:6697 + +Then a proxy should be available at localhost:<your port> for ii to connect to: + + ii -s 127.0.0.1 -p <your port> -- 2.14.2Received on Sat Feb 10 2018 - 01:55:12 CET
This archive was generated by hypermail 2.3.0 : Sat Feb 10 2018 - 02:00:26 CET