Hi,

is there documentation on how to secure a connection with SSL?
That is an option of the ODBC driver, isn't it?

The motivation is that I need to rent a remote server for PG.
Their admin proposes to open port 5432 on the outside of their firewall but he has no idea how to secure the access besides PG's user/password.
I couldn't even restrict the accessing IPs within PG because they will be dynamic.

Regards
Andreas

On May 16, 2007, at 10:23 AM, Andreas wrote:

> is there documentation on how to secure a connection with SSL?
> That is an option of the ODBC driver, isn't it?

http://www.postgresql.org/docs/8.2/i...e/ssl-tcp.html

I don't know about ODBC.

> The motivation is that I need to rent a remote server for PG.
> Their admin proposes to open port 5432 on the outside of their
> firewall but he has no idea how to secure the access besides PG's
> user/password.
> I couldn't even restrict the accessing IPs within PG because they
> will be dynamic.

If they won't set up PostgreSQL properly with SSL support, your best bet is to set up an SSH tunnel. This will also work with ODBC. If they don't support SSH, find another provider on setting it up: http://pgedit.com/tip/postgresql/ssh_tunneling

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

Andreas wrote:

> is there documentation on how to secure a connection with SSL?
> That is an option of the ODBC driver, isn't it?
>
> The motivation is that I need to rent a remote server for PG.
> Their admin proposes to open port 5432 on the outside of their firewall
> but he has no idea how to secure the access besides PG's user/password.
> I couldn't even restrict the accessing IPs within PG because they will
> be dynamic.

The ODBC driver uses libpq.dll to establish the connection, and libpq.dll can use SSL encryption, so you should have no problem.

You must enable SSL on the server (your provider, that is), by setting 'ssl = on' in postgresql.conf. There must be a server.key and server.crt file in the PostgreSQL server data directory containing the private key and the public certificate of the server.

Moreover, this only makes sense if you enforce it. In pg_hba.conf on the server, add two lines like this:

    hostssl all all 0.0.0.0/0 md5
    host all all 0.0.0.0/0 reject

Then only SSL connections will be accepted. This way you can also restrict connections to be only allowed from your subnet - just change the IP address and netmask in the 'hostssl' line to match your subnet.

Yours,
Laurenz Albe
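
Added example, not part of the original thread or of PostgreSQL itself: a small Python model of pg_hba.conf's first-match evaluation for TCP records, showing why the two lines in the reply above refuse plaintext connections and what happens when the `hostssl` line is narrowed to a subnet. The database name, user name, client addresses, the 203.0.113.0/24 subnet and the WEAK rule set are constructed for illustration, and only CIDR-style addresses are handled.

```python
import ipaddress

# Constructed rule sets. ENFORCED is the pair of lines from the reply above;
# SUBNET narrows the hostssl line to a made-up subnet; WEAK is a contrast case.
ENFORCED = """
hostssl all all 0.0.0.0/0 md5
host    all all 0.0.0.0/0 reject
"""
SUBNET = """
hostssl all all 203.0.113.0/24 md5
host    all all 0.0.0.0/0      reject
"""
WEAK = """
host    all all 0.0.0.0/0 md5
"""

def parse_hba(text):
    """Return (type, database, user, network, method) tuples for TCP records."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) == 5 and fields[0] in ("host", "hostssl", "hostnossl"):
            kind, db, user, cidr, method = fields
            rules.append((kind, db, user, ipaddress.ip_network(cidr), method))
    return rules

def decide(rules, client_ip, ssl, db="appdb", user="andreas"):
    """Method of the first matching record; no match means the server refuses."""
    ip = ipaddress.ip_address(client_ip)
    for kind, rule_db, rule_user, net, method in rules:
        if kind == "hostssl" and not ssl:
            continue  # hostssl records only match SSL connections
        if kind == "hostnossl" and ssl:
            continue  # hostnossl records only match plaintext connections
        if rule_db not in ("all", db) or rule_user not in ("all", user):
            continue  # db and user defaults above are hypothetical names
        if ip.version == net.version and ip in net:
            return method
    return "reject"

def plaintext_allowed(text, client_ip="198.51.100.7"):
    """True if a non-SSL TCP client could reach an authentication method."""
    return decide(parse_hba(text), client_ip, ssl=False) != "reject"

if __name__ == "__main__":
    for name, text in (("ENFORCED", ENFORCED), ("SUBNET", SUBNET), ("WEAK", WEAK)):
        print(name, "plaintext allowed:", plaintext_allowed(text))
```

Because `host` records match both SSL and plaintext connections, the trailing `reject` line also turns away SSL clients that fall outside the `hostssl` subnet.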