GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  SSLTUNNELRC (5)

NAME

ssltunnelrc - SSL Tunnel client configuration file

CONTENTS

Description
Settings
Network Options :
PPP Options:
SSL Options:
Misc Options:
Example
Files
Bugs
See Also
Authors

DESCRIPTION

ssltunnelrc file contains configuration information for pppclient, the ssltunnel client software.

The ssltunnelrc file is a free-form ASCII text file, parsed by pppclient. The file may contain extra tabs and newlines for formating purpose. Keywords should be written in lowercase, and separated from value by at least one space or tab character.

Lines beginning with # are ignored.

Options commented out or not present have default values, incorrect options are reported on STDERR when pppclient read the file. Boolean parameters are hardcoded as 0 for false and 1 for true.

Upon startup, if no option is given on command line, pppclient reads the $HOME/.ssltunnelrc configuration file.

SETTINGS

The following parameters can be set :

Network Options :

remotehost (str) IP Address or DNS name of remote host running ssltunnel server.
port (int) Port on which the remote ssltunnel server is listening. Defaults to 443.
useproxy (bool) If set, pppclient should connect using an HTTP Proxy. Defaults to 0.
proxy (str) IP Address or DNS name of HTTP Proxy to use. No default.
proxyport (int) Proxy port, defaults to 8080.
proxyuser (str) Username to send for authentication on proxy. Defaults to none.
proxypass (str) Password to send for authentication on proxy. Defaults to none.
autoreconnect (bool) If set to 1, if link goes down (ppp exit), pppclient will try to reconnect to server after waiting for 10 seconds.
timeout (int) Timeout in seconds used in many operations such as reading banner, reading proxy response, ... Defaults to 10.

PPP Options:

localppp (str) pppd local path on client. Defaults to /usr/sbin/pppd.
bsdppp (bool) If set to 1, launches ppp program with options suitable for BSD userland ppp(1) program. Defaults to 0.
localproxyarp (bool) If set to 1, pppd will be launched with proxyarp option, allowing remote host to have a local LAN address and be seen on the LAN without routing changes. Defaults to 0.
localechoint (int) Number of seconds between LCP-Echo requests sent to the remote peer. This is used to monitor link and exit if peer does not respond anymore. See also next option. Defaults to 10.
localechofail (int) Number of LCP-Echo requests lost (no LCP-Echoreply received) before declaring link dead. Defaults to 10.
peer (str) Name of ppp peer. If set, pppd will look for options in /etc/ppp/peers. If not set, you will probably need to set noauth option in /etc/ppp/options. When using BSD Userland ppp, this is the label name used (ppp is launched with ppp -direct peer command line). Defaults to none.
ipparam (str) Set the pppd ipparam parameter, which is passed to /etc/ppp/ip-up script when link goes up. This can be used for example to set different routes automatically depending on your target. Defaults to none.

SSL Options:

cacertfile (str) File containing in PEM format the CA authorities trusted by the client. Beware that if you put unsecure or unknown certs in this file, someone can hijack your connexion.
certfile (str) File containing in PEM format your certificate, signed by a CA authority trusted by the server.
keyfile (str) File containing the private RSA key used with the certificate. If the key is protected by a passphrase, it will be asked during initialization of OpenSSL layer.

Misc Options:

verbose (bool) If set, pppclient will log on STDERR server responses and print a line for every packet sent or received. Defaults to 1. You probably want to turn this off if using pppclient in daemon mode.
daemon (bool) If set, pppclient will fork and detach from terminal after reading configuration file. Defaults to 0.
logfile (str) When started in daemon mode, pppclient will normally log with syslog (local6 facility). If set, then log are appended to this file.

EXAMPLE

Example below of a configuration file will connect to 192.168.200.1 port 443, by using proxy 192.168.10.1 (port 3128) with rominet user and fubar password. pppd will be called with ssltunnel peer name.

autoreconnect 1
verbose 1
# Target
remotehost 192.168.200.1
port 443
# My Certificates
cacertfile /home/demo/certs/ca-cert.pem
certfile /home/demo/certs/client.crt
keyfile /home/demo/certs/client.key
ipparam tunnel
peer ssltunnel
useproxy 1
# My Proxy configuration
proxy 192.168.10.1
proxyport 3128
proxyuser rominet
proxypass fubar

The file /etc/ppp/peers/ssltunnel will simply be, assuming remote host will not ask for PAP or CHAP authentication :

noauth

and /etc/ppp/ip-up will place some routes to hosts 192.168.200.10 and 192.168.200.11 inside the tunnel (example is for FreeBSD, see route(8) for your system) :

#!/bin/sh
if [ $6 = ’tunnel’ ]; then
/sbin/route add -host 192.168.200.10 -iface $1
/sbin/route add -host 192.168.200.11 -iface $1
fi

FILES

$HOME/.ssltunnelrc Default configuration file.
/etc/ppp/options pppd Configuration
/etc/ppp/ppp.conf BSD Userland ppp Configuration
/etc/ppp/ip-up Script run when interface goes up

BUGS

Please report them !

SEE ALSO

pppclient(1), gpppclient(1)

AUTHORS

Alain Thivillon <ssltunnel@rominet.net>
Search for    or go to Top of page |  Section 5 |  Main Index


SSLTUNNELRC (5) September 06, 2003

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.