SMB patched Stunnel howto

To: stunnel-users@mirt.net
Date: Wed, 17 Jan 2001 14:20:24 +1000 (EST)
From: Grant <grant@conprojan.com.au>
Subject: Re: Windows 95 + Stunnel + Samba 2.0.7 SSL.


How to setup a SSL Samba server using Stunnel to proxy connections from Windows
9X clients to the Samba server.

Installing the software.

Obtain the latest release of openssl and perform the following steps on both the+Stunnel machine and the SSL Samba machine.

1. tar -zxf openssl-0.9.6.tar.gz
2. cd openssl-0.9.6
3. ./config
4. make
5. make test
6. make install

Obtain the latest release of Samba and perform the following steps on the SSL
Samba machine.

1. tar -zxf samba-2.0.7.tar.gz
2. cd samba-2.0.7
3. ./configure -with-ssl
4. make
5. make install

Obtain the latest release of Stunnel and perform the following steps on the
Stunnel machine. It will prompt you to create a certificate.

1. tar -zxf stunnel-3.11-kai-gui.tar.gz
2. cd stunnel-3.11-kai-gui
3. ./configure
4. make
5. make install

Configuring the software.

You must create a server certificate for the SSL Samba server. Then place the
following directives in the smb.conf:

ssl = yes
ssl server cert = /usr/local/ssl/certs/server.cert
ssl server key = /usr/local/ssl/certs/server.cert.key
ssl ca certdir = /usr/local/ssl/certs

Once you've created a share and tested connecting to the SSL Samba server from
localhost using smbclient then you are ready to setup Stunnel.

Start Stunnel on the Stunnel machine with the following command:

/usr/local/sbin/stunnel -d 139 -r [IP of SSL Samba Server]:139 -c -n smb -D6 -f
-P none

Now edit C:\Windows\hosts on the Windows 9X machine and add an entry for the IP
address of the Stunnel machine, something like:
192.168.1.4 rhino

Reboot the Windows 9X machine.

Once the machine has rebooted, load a DOS prompt and issue the following
command:

C:\Windows\net use I: \\Stunnelmachine\shareonSSLSamba

That should mount the drive and you can use it as if it were any other Networked+drive.