Re: Starting stunnel with systemd.

To: debian-user@lists.debian.org
Subject: Re: Starting stunnel with systemd.
From: peter@easthope.ca
Date: Mon, 24 Apr 2023 07:26:35 -0700
Message-id: <[🔎] 6c1ca55212823a1bb3c87df7cd731587@easthope.ca>

In-reply-to: <[🔎] 0a2de6ba-15a9-0b01-50f1-b75ad750f176@darac.org.uk>

References: <[🔎] 897c4593eca5f214cddd3d8af000cd51@easthope.ca><[🔎] 0a2de6ba-15a9-0b01-50f1-b75ad750f176@darac.org.uk>


    From: Darac Marjal <mailinglist@darac.org.uk>
    Date: Sun, 23 Apr 2023 19:09:16 +0100

1. stunnel hasn't been in Debian since etch (Debian 4.0).


Thanks for catching that.

2. stunnel4 comes with a service file template
(https://sources.debian.org/src/stunnel4/3%3A5.68-2/debian/stunnel4%40.stunnel.service/),
which is likely to have been tested to work.


Thanks.  Adjusted  /etc/systemd/system/stunnel.service accordingly.
For anyone else interested, PrivateTmp is described in the
systemd.exec(5) manual.
https://www.freedesktop.org/software/systemd/man/systemd.exec.html

The template might work exactly when no authentication is involved.

3. Could the warning about protecting your POP3 connection be the
cause?


Appears likely.  My intention is that stunnel provides a tunnel in
which POP3 can operate securely. When stunnel is started
interactively, no problem is evident and the MUA authenticates in POP3
inside the tunnel.

The systemd.exec manual cited above has a Credentials section.
Intrigued to study more when I have time.  =8~)

Thx,           ... P.

Reply to:

Follow-Ups:
- Re: Starting stunnel with systemd.
  - From: David Wright <deblis@lionunicorn.co.uk>

Prev by Date: Boot from iso (was: Re: efi problem)
Next by Date: Re: is nft running? how do I get info?
Previous by thread: Re: Starting stunnel with systemd.
Next by thread: Re: Starting stunnel with systemd.
Index(es):
- Date
- Thread