• Front Door over SSL

    From Ioram@21:3/104 to Avon on Wed Jun 6 22:49:00 2018
    Hi Avon,

    Would you be interested in configuring Front Door over an encrypted connection using SSL?

    Please let me know if you are. :)

    I thought on two possibilities that should work...

    1. Running a copy of Netserial w/ SSL support
    2. Running stunnel in front of Netserial

    Regards,
    Ioram


    ---
    * Origin: Brain Storm BBS * http://www.bsbbs.com.br * Recife,BR (21:3/104)
  • From Avon@21:1/101 to Ioram on Thu Jun 7 14:55:20 2018
    On 06/06/18, Ioram pondered and said...

    Would you be interested in configuring Front Door over an encrypted connection using SSL?

    Please let me know if you are. :)

    Yes I am interested :)

    1. Running a copy of Netserial w/ SSL support
    2. Running stunnel in front of Netserial

    I will look into these - do you have a preference?

    --- Mystic BBS v1.12 A39 2018/04/21 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Ioram@21:3/104 to Avon on Thu Jun 7 07:19:00 2018
    Hi Avon,

    Would you be interested in configuring Front Door over an encrypted connection using SSL?

    Yes I am interested :)

    Awesome! :)

    1. Running a copy of Netserial w/ SSL support
    2. Running stunnel in front of Netserial

    I will look into these - do you have a preference?

    SSL is a standard protocol, so I believe we can use different solutions on our sides, and they should talk.

    Since my Netserial supports SSL, I think it's easier for me to enable SSL in my current configuration. However, I can only do this when you have your side ready to receive SSL connections.

    I think you should install another Front Door task/modem for this, using the same node (21:3/100) but a different port than 24558. Is this possible?
    If not, we can try a different node address.

    Another thing is we will need a certificate. Maybe a self-signed will do the job for now. And we just need to remove verification. Than, we can issue a proper ones signed by a CA (maybe we can create one, and exchange its root certificate).

    What do you think? :)

    Let me know if you need any help on configuring your side.
    When it's ready, and I can configure mine and test it. :)

    Regards,
    Ioram


    ---
    * Origin: Brain Storm BBS * http://www.bsbbs.com.br * Recife,BR (21:3/104)
  • From Richard Menedetter@21:1/104 to Ioram on Thu Jun 7 13:55:08 2018
    Hi Ioram!

    07 Jun 2018 07:19, from Ioram -> Avon:

    Another thing is we will need a certificate. Maybe a self-signed will
    do the job for now. And we just need to remove verification. Than, we
    can issue a proper ones signed by a CA (maybe we can create one, and exchange its root certificate).

    It should also be possible to use certificates from letsencrypt. https://letsencrypt.org/

    I thought JoHo wanted to implement real BinkP support in FroDo.

    CU, Ricsi

    --- GoldED+/LNX
    * Origin: A flashlight is a case for holding dead batteries. (21:1/104)
  • From Ioram Sette@21:3/104 to Richard Menedetter on Thu Jun 7 22:39:18 2018
    Hi Richard,

    Than, we can issue a proper ones signed by a CA (maybe we can
    create one, and exchange its root certificate).

    It should also be possible to use certificates from letsencrypt. https://letsencrypt.org/

    That's true. I use letsencrypt on my web site.
    Just checked that NetSerial allows builtin certificates, so I think this would also be an option.

    I thought JoHo wanted to implement real BinkP support in FroDo.

    Cool! This is a nice news. :)

    I currently use IREX to connect to Fidonet through binkp, but I'm very happy to
    use Front Door again, after 25 years. A binkp version of it is very welcome. :) I'll be happy to test it here.

    []'s,
    Ioram Sette


    ---
    * Origin: Brain Storm BBS * http://www.bsbbs.com.br * Recife, BR (21:3/104)
  • From Richard Menedetter@21:1/104 to Ioram Sette on Sun Jun 10 20:33:16 2018
    Hi Ioram!

    07 Jun 2018 22:39, from Ioram Sette -> Richard Menedetter:

    I thought JoHo wanted to implement real BinkP support in FroDo.
    Cool! This is a nice news. :)

    I tried to find back the mail ... I could not find it.
    Just found this:
    "As for FD for other platforms than DOS and OS/2, yes, that is the direction I'm trying to move in. But there's a
    lot of work involved in porting the base layer of the application.

    I'm on it."

    CU, Ricsi

    --- GoldED+/LNX
    * Origin: File Not Found. Loading something that looks similar. (21:1/104)
  • From Ioram@21:3/104 to Richard Menedetter on Mon Jun 11 09:26:00 2018
    Hi Richard,

    "As for FD for other platforms than DOS and OS/2, yes, that is the direction
    I'm trying to move in. But there's a
    lot of work involved in porting the base layer of the application.
    I'm on it."

    Cool! When did he write this?

    Just figuring which platforms is he wondering...
    W32? Unix/Linux?

    Regards,
    Ioram


    ---
    * Origin: Brain Storm BBS * http://www.bsbbs.com.br * Recife,BR (21:3/104)
  • From Richard Menedetter@21:1/104 to Ioram on Mon Jun 11 21:56:00 2018
    Hi Ioram!

    11 Jun 2018 09:26, from Ioram -> Richard Menedetter:

    "As for FD for other platforms than DOS and OS/2, yes, that is the
    direction
    I'm trying to move in. But there's a
    lot of work involved in porting the base layer of the application.
    I'm on it."
    Cool! When did he write this?

    From : Joaquim Homrighausen 2:20/4609 26 Sep 2017 21:46
    To : IB JOE 26 Sep 2017 23:19
    Subj : Interfacing FD with

    Just figuring which platforms is he wondering...
    W32? Unix/Linux?

    I assume both.

    CU, Ricsi

    --- GoldED+/LNX
    * Origin: Beauty times brains is a constant. (21:1/104)
  • From Ioram@21:3/104 to Avon on Wed Jun 13 08:19:00 2018
    Hi Avon,

    1. Running a copy of Netserial w/ SSL support
    2. Running stunnel in front of Netserial

    I will look into these - do you have a preference?

    I configured a Front Door node answering with telnet/SSL at bsbbs.com.br:24556.
    You may try to connect anytime.

    I'm using a default SSL certificate that I think it came with Netserial.
    So, it may fail if you verify it...
    I'm also using Windows XP's root certificates to validate the certificate, so it may fail if you use a certificate it doesn't recognize.
    I can alleviate this later.
    If we decide to use Let's Encrypt, I can configure its root certificate and also a valid certificate to me.

    What do you think?

    Regards,
    Ioram


    ---
    * Origin: Brain Storm BBS * http://www.bsbbs.com.br * Recife,BR (21:3/104)