[systemd-devel] [-0.035] Re: systemd-devel] dbus-broker can be used for a "user" type bus accessible over tcp or not?

[Erik Slagter]

On 21-01-2025 15:34, Cristian Rodríguez wrote:
> Come on..if you do that just configure stunnel to do what you want
> with PSK auth. it supports all sorts of sockets and provides you with
> the minimal security you need.

I was going to say that stunnel can't connect to a unix socket, but I 
just checked and apparently it (now) can. That's why I was using socat. 
This may be interesting. If it works I may even be able to expose the 
session bus this way, which makes it all a lot less complex.

As said, I don't really need encryption. The network both hosts are 
connected to is completely shielded, almost point-to-point and routed 
(so no broadcast domains that might receive some spilled traffic). 
Something like host1 <-> router <-> host2. Host2 has a packet filter to 
protect it's multiple interfaces, host1 only has one. Nobody except me 
has physical or remote access to these hosts.

Use of stunnel would only be really beneficial if it could also 
authenticate/authorise. I don't think it can. Maybe something using 
certificates + private keys but it looks complicated.