From: candycanearter07@candycanearter07.nomail.afraid
David W. Hodgins wrote at 17:09 this Friday
(GMT):
> On Fri, 01 Mar 2024 10:20:10 -0500, candycanearter07 wrote:
>
>> Paul wrote at 08:42 this Friday (GMT):
>>> E-S offers both. This allows really ancient clients which
>>> lack SSL/TLS to connect to the server (119). And there are
>>> people who like the really old client software. There
>>> is no such thing as "too old software" when it
>>> comes to USENET.
>
>> Oh does slrnpull support ssl?
>>
>>> It would be like expecting an EMACS user to stop using EMACS.
>>> Not gonna happen.
>>
>> Or vim users
>
> For usenet clients that do no support ssl, stunnel can be used. The
> program I'm using does not support it, so I use it.
>
> In /etc/stunnel/stunnel.conf I have ...
> [nntps]
> client=yes
> connect=news.eternal-september.org:563
> cert=/etc/pki/tls/certs/stunnel.pem
> accept=564
> TIMEOUTconnect=60
>
> The program I'm using (leafnode) then connects using localhost:564.
> In /etc/leafnode/config ...
> server = localhost
> port = 564
> #server = news.eternal-september.org
> #port = 119
> username = munged
> password = munged
> timeout = 300
> timeout_fetchnews = 300
> initialfetch = 500
> nodesc = 1
> maxage = 5
> filterfile = /etc/leafnode/filters
> debugmode = 0
> create_all_links = 0
> allow_8bit_headers = 1
> article_despite_filter = 1
> noxover = 1
>
> The commented out above were for testing leafnode without using stunnel.
>
> I then have my usenet reader set to collect articles from localhost port 119,
> without any authentication needed.
>
> Besides encrypting the password, another benefit is that for slow connections
> it's faster as the encryption includes compression.
>
> Regards, Dave Hodgins
Oh, that's a neat little trick. If slrnpull does support SSL, I
would still want to use the native implementation.
--
user is generated from /dev/urandom
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
