Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Using Samba
Prev Home Next

A.4 Setting Up SSL Proxy

The SSL Proxy program is available as a standalone binary or as source code. You can download it from https://obdev.at/Products/sslproxy.html.

Once it is downloaded, you can configure and compile it like Samba. We will configure it on a Windows NT system. However, setting it up for a Unix system involves a nearly identical series of steps. Be sure that you are the superuser (administrator) for the next series of steps.

If you downloaded the binary for Windows NT, you should have the following files in a directory:

  • cygwinb19.dll

  • README.TXT

  • sslproxy.exe

  • dummyCert.pem

The only one that you will be interested in is the SSL Proxy executable. Copy over the phoenix.pem and phoenix.key files that you generated earlier for the client to the same directory as the SSL proxy executable. Make sure that the directory is secure from the prying eyes of other users.

The next step is to ensure that the Windows NT machine can resolve the NetBIOS name of the Samba server. This means that you should either have a WINS server up and running (the Samba server can perform this task with the wins support = yes option) or have it listed in the appropriate hosts file of the system. See Chapter 7, Printing and Name Resolution, for more information on WINS server.[ 1]

[1] If you are running SSL Proxy on a Unix server, you should ensure that the DNS name of the Samba server can be resolved.

Finally, start up SSL Proxy with the following command. Here, we assume that hydra is the name of the Samba server:


#

 C:\SSLProxy>sslproxy -l 139 -R hydra -r 139 -n -c phoenix.pem -k phoenix.key

This tells SSL Proxy to listen for connections to port 139 and relay those requests to port 139 on the NetBIOS machine hydra. It also instructs SSL Proxy to use the phoenix.pem and phoenix.key files to generate the certificate and keys necessary to initiate the SSL connection. SSL Proxy responds with:


Enter PEM pass phrase:

Enter the PEM pass phrase of the client keypair that you generated, not the certificate authority. You should then see the following output:


SSL: No verify locations, trying default
proxy ready, listening for connections

That should take care of the client. You can place this command in a startup sequence on either Unix or Windows NT if you want this functionality available at all times. Be sure to set any clients you have connecting to the NT server (including the NT server itself) to point to this server instead of the Samba server.

After you've completed setting this up, try to connect using clients that proxy through the NT server. You should find that it works almost transparently.

Using Samba
Prev Home Next

 
 
  Published under the terms of the Creative Commons License Design by Interspire