Posted on 2004-08-05
I have stunnel 4.x running across win32 in order to access a RSYNC demon across the internet a little more securely.
Question is how secure is this really? What are the vulnerabilities I should know?
I have setup the server with a newly created server.pem but the client doesn't seem to need a copy of this to access the daemon at the file server. Am I right in thinking the server must send the public key (is this the same as the certificate) to the client?
I thought the client always required a copy of the public key
Am q. confused as there is maybe too much info on this!