
Re: Encrypt data between socket client and server


Hi gbWilly,

Multiple solutions exist to encrypt data between a client and a server.

1) Encryption of each piece of data sent from one side to the other:

	- Define a word at the beginning of each piece of data + the encrypted data + the checksum + word to end the piece of data

	- Example:  PIECESTART + ‘:’ + < data encrypted with SHA256 > + ‘:’ + < checksum of the data encrypted > + ‘:’ + ENDPIECE

Note: Be careful because data over a socket buffer does not arrive/send in one shot, so take care to re-assemble all the flow before trying to analyse it or decrypt it.


2) Solution 2: SSH tunnel

	- SSH can create a tunnel between 2 hosts or IPs, even on the same Linux machine
	- You can start the SSH tunnel manually, at one time, by entering the SSH password or using an SSH Key
		- Once the tunnel is established, it will live until you kill it or the machine reboots

	- Example:  Redirection from Machine 1 - Port 1000 -> SSH Tunnel -> to Machine 2 - Port 2000 

		- Cmd:  ssh -f <user>@machine2 -L 1000:127.0.0.1:2000 -N

			- Here 127.0.0.1 represents the localhost of Machine2

3) Solution 3: Wireguard

	- Wireguard is a way to build a simple VPN between 2 or more Machines/Host, totally encrypted.
	- It’s easy to create a new VPN network between 2 Hosts, as it’s like creating an SSH communication by using a token (equal to an SSH key)
	- In the end it will create a new IP/interface on both sides and you will use the new IP created to communicate, totally encrypted, from one Host to the other

4) Solution 4: command ’stunnel’

	- ’stunnel’ needs to be installed on both sides, server and client. SSL and certificate can be used by this tool


I hope it could help you


Olivier

> On 4 March 2026 at 17:44, Lee <t.lee.davidson@xxxxxxxxx> wrote:
> 
> On 3/4/26 4:47 PM, gbWilly wrote:
>> I have been investigating the matter a bit more and it seems like SSH does what I need.
> 
> I could very well be wrong, but I'm thinking that SSH is not what you need. It was designed to operate as a Secure SHell, not as a network tunnel. Tunneling can be done, but it is rather complex. (Maybe you could use a VPN instead.)
> 
> I did find this:
> https://stackoverflow.com/questions/47267899/bi-directional-communication-using-sockets-via-ssh-tunnel
> 
> 
> -- 
> Lee
> 
> 
> 
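The reassembly step from the note under option 1, as an added Python example that is not part of the original message or of any Gambas code: a receiver that buffers socket chunks and only hands back complete `PIECESTART:...:ENDPIECE` pieces whose checksum matches. Assumptions: the data field is the already-encrypted bytes in base64, the checksum is the SHA-256 hex digest of those bytes, and `encode_frame`, `FrameReassembler` and `MAX_BUFFER` are hypothetical names.

```python
import base64
import hashlib

START, END, SEP = b"PIECESTART", b"ENDPIECE", b":"
MAX_BUFFER = 1 << 20  # assumed cap so a peer cannot grow the buffer forever

def encode_frame(ciphertext: bytes) -> bytes:
    """Wrap already-encrypted bytes as PIECESTART:<data>:<checksum>:ENDPIECE."""
    body = base64.b64encode(ciphertext)  # assumption: base64, so no ':' in data
    # SHA-256 used as a plain checksum: catches corruption, it is not a MAC.
    digest = hashlib.sha256(ciphertext).hexdigest().encode()
    return SEP.join([START, body, digest, END])

class FrameReassembler:
    """Buffers recv() chunks; returns only complete, checksum-valid payloads."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk: bytes) -> list:
        self._buf += chunk
        out = []
        while True:
            start = self._buf.find(START + SEP)
            if start < 0:
                # Keep a short tail: the start marker may be split across chunks.
                del self._buf[:max(0, len(self._buf) - len(START))]
                return out
            del self._buf[:start]  # discard anything before the marker
            # Search past the start marker so a data field that happens to
            # begin with "ENDPIECE" is not mistaken for the end marker.
            end = self._buf.find(SEP + END, len(START) + 1)
            if end < 0:  # frame still incomplete: wait for more data
                if len(self._buf) > MAX_BUFFER:
                    raise ValueError("frame larger than MAX_BUFFER")
                return out
            fields = bytes(self._buf[len(START) + 1:end]).split(SEP)
            del self._buf[:end + len(SEP + END)]
            try:
                body, digest = fields
                data = base64.b64decode(body, validate=True)
            except ValueError:  # wrong field count or bad base64: drop frame
                continue
            if hashlib.sha256(data).hexdigest().encode() == digest:
                out.append(data)

def demo() -> list:
    # Constructed sample: two opaque "ciphertexts" delivered in 7-byte chunks.
    stream = encode_frame(b"\x00\x01secret-1") + encode_frame(b"\xffsecret-2")
    rx = FrameReassembler()
    return [p for i in range(0, len(stream), 7) for p in rx.feed(stream[i:i + 7])]
```

Call `feed()` with whatever each socket read returns; it may return zero, one or several payloads per call, and each returned payload is still ciphertext to be decrypted by the application.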

