Tuesday, July 19, 2005

Stunnel

Stunnel can work by either:

  • Receiving unencrypted data and sending it to an SSL server
  • Receiving encrypted data and
    • Sending the decrypted data to an arbitrary port on that or another machine
    • Launching a local program (as does inetd) to talk to the remote machine over the encrypted channel.

On Unix machines, Stunnel can be run out of inetd, much like telnetd or ftpd, or it can be run as a standalone daemon, which in general is the preferred method. On NT it can only be run from a command prompt (DOS window), not as a true NT service (Note by gwork: Well, with 4.x it's possible). We list several 'hacks' that let you do this, however, in the FAQ.
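
The three modes listed above, written as a stunnel 4.x-style configuration file for the standalone daemon. This is an added example, not taken from the Stunnel documentation; every host name, port and file path in it is a placeholder.

```ini
; Added example: all hosts, ports and paths below are placeholders.

; Mode 1: receive unencrypted data, send it to an SSL server (client mode).
[pop3-client]
client = yes
; Listen on loopback only, so the plaintext side is not reachable from the network.
accept = 127.0.0.1:1110
connect = mail.example.com:995
; stunnel 4.x does not check the server certificate unless asked to.
; verify = 2 requires a certificate that chains to a CA in CAfile.
verify = 2
CAfile = /etc/stunnel/ca-certs.pem

; Mode 2: receive encrypted data, send the decrypted data to a port
; on this or another machine (server mode).
[imaps]
accept = 993
connect = 127.0.0.1:143
; Server certificate and private key (placeholder path).
cert = /etc/stunnel/stunnel.pem

; Mode 3: receive encrypted data, launch a local program as inetd would
; (server mode).
[pop3s]
accept = 995
cert = /etc/stunnel/stunnel.pem
exec = /usr/sbin/ipop3d
; execargs starts with the program name ($0), followed by any arguments.
execargs = ipop3d
```

In modes 2 and 3 the traffic between stunnel and the backend service is plaintext, so keep that hop on loopback or on a network segment you trust.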