Hello there, i've been using HFS for about 5-9 years and when i started i didn't read any of the docs. I was fascinated with the potential and ease of this program and it web capabilities.
Which is why i'm posting my information on setting up hfs with stunnel.
Most information for doing this has already been done and setup many thanks to these people, but (for me) even flowing there instruction i ran in to problems, it is my hope that these issues can be fixed in this topic, either by helping each other or sharing our findings.
the link is here:
http://www.rejetto.com/wiki/index.php?title=HFS:_Secure_your_server( this page is the base of my setup )
although, i had to edit my stunel config a bit more to make it work the way i wanted...
Following this(the link provided and the instruction here latter) will most likely get you a https access... as it will be prety much straight forward.
Although, in my setup i ran in to fips errors and other setup issues, so i will be posting my finds here shortly (along with zip files of stunnel and openssh (you will have to recrate you security keys, and the key uploaded are no longer available for access to my server for security purposes...
so first let us get are tools:
For this tutorail i asume you will have a folder in the root of c:
path: C:/webroot/Hfs.exe
You will need to create a folder in that path and call it stunnel (this will be you install path for the program)
You will need to create a folder in that path and call it openssh (this will be you install path for the program)
You will need:
HFS - latest stable version 2.2f info
http://www.rejetto.com/hfs/?f=dl (
http://www.rejetto.com/hfs/download )
Openssh - info
http://slproweb.com/products/Win32OpenSSL.html (
http://slproweb.com/download/Win32OpenSSL-1_0_1g.exe )
Stunnel - (
ftp://stunnel.mirt.net/stunnel/stunnel-4.56-installer.exe )
Ccleaner - info/donwload (
http://www.filehippo.com/download_ccleaner/ )
---------------------------------------------
You will need to install openssh first!
see info as open ssh requires other "updates" installs such as (Visual C++ 2008 Redistributables)...
once it is installed go to the directory and zip it in a compressed zip folder and put it some where safe like the desktop! we will be using it later
Now install stunnel
You wil be prompted to create security keys, from a batch, that is fine put what ever you like, but your computer name must be in the very last line asked
"commonName = Common Name (FQDN of your server) "
once it is installed go to the directory and zip it in a compressed zip folder and put it some where safe like the desktop! we will be using it later
-----------------------------------
You should now have 2 compressed zip files one open ssh and the other stunnel... make sure you have them ready as we will need them for the portable versions...
Now open ccleaner and uninstall stunnel and openssh (only do this if you are making it portable)
If you uninstalled the programs
run ccleaners registry cleaner (we do this to remove stunnel and open ssh registry files to prevent issues later down the road...) other wise you can skip this
then restart the machine
the point form these installs is getting particular files and eventual making it portable as once we get the files, you will need to uninstall openssh and stunnel as the zip files house portable excutions...
---------ignore this if you don't want the portable as you will hve to edit stunel config to work with hfs...----------
open you web path: c:/webroot/hfs.exe
( delete stunnel and openssh folders) as they may still be left from the install
create a folder called stunnel and put the ziped files in this folder
to clarify you should have you path: c:/webroot
inside this folder should be hfs.exe and another folder stunnel
inside stunnel should be the 2 zip folders created earlier
we will now extract the files so you should have a structure like this:
using cmd dir comand(these are the files you should have extracted, the zips contain maore, but htis is all that we will need:
create_pem.bat (which will be created latter by us )
OpenSSL-Win32.zip
stunnel.zip
libeay32.dll
libssl32.dll
openssl.exe
pem.conf
stunnel.conf
stunnel.exe
stunnel.html
stunnel.log
stunnel.pem
zlib1.dll
-----
if you wan to take the easy way out i have made a zip file of my webroot with stunnel and its configs...
----
----------------------
create a batch file named create_pem.bat (in open save as with all file types...)
batch contains:
openssl.exe req -new -x509 -days 3650 -nodes -config pem.conf -out stunnel.pem -keyout stunnel.pem
-------------------------
run the batch files, this will change you key, by asking the same question you had when you installed stunnel
(this is how stunnel generates you certificate...
congrats, all we have left to do is edit th stunnel config:
open the stunnel config: and delete everything in it and replace it with this:
-----------
; Lines preceded with a “;” are comments
; Empty lines are ignored
; For more options and details: see the manual (stunnel.html)
; i had issues with fips mode and my keys, in which to make it wok i need to disable fips
;
https://developer.mozilla.org/en-US/docs/NSS/FIPS_Mode_-_an_explanationfips = no
; File with certificate and private key
cert = stunnel.pem
key = stunnel.pem
; Log (1= minimal, 5=recommended, 7=all) and log file)
; Preceed with a “;” to disable logging
debug = 5
output = stunnel.log
; Some performance tuning
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; Data compression algorithm: zlib or rle
compression = zlib
; SSL bug options / NO SSL:v2 (SSLv3 and TLSv1 is enabled)
options = ALL
options = NO_SSLv2
; Service-level configuration
; Stunnel listens to port 443 (HTTPS) to any IP (443 need to be port forwarded)
; and connects to port 4430 (HFS) on machine ip adress(which should be static)
[https]
accept = 0.0.0.0:443
connect = 192.168.1.254:4430
TIMEOUTclose = 0
-------
that it, with a little fudging, hfs should be available through https
here is the download:
Google has deleted it from my drive??? unknown why - can't seem to fin it...just isn't there...
i would have you go to Silent plz post to get file and/or use taht version of hfs with stunnel!...
http://www.rejetto.com/forum/hfs-~-http-file-server/for-testing-purpose-hfs-beta-279-including-ssl-tools/