There are common one-way encryption, like md5, this is commonly what I do, I encrypt with md5 when I insert the password into my database on the DB server, and then I encrypt with PHP on the Web server side, so therefore, I am only ever sending my md5 encrypted password over the "wire". Since it is the same every time it is like doing string compares on the same encrypted value so it authenticates, of course this is also the vulnerability of md5. I suppose that with cracking software and time, someone could get it, but it also might be better then sending it in the clear.
-Brad Adam Voigt wrote: > Maybe you could somehow setup your SSH tunnel before-hand > (at server start up or something) and use that instead. > > Adam Voigt > [EMAIL PROTECTED] > > On Thu, 2002-09-26 at 12:40, John Holmes wrote: > > > I am connecting to a mysql server on a remote machine, and opened up > > port > > > 3306 for this purpose. But, I am concerned about sending a clear text > > > password, via the mysql_pconnect() call. My question is, what is the > > > procedure for connecting to a remote server with an encrypted > > password? > > > Or, does mysql_pconnect handle this? > > > > Nope, it's all in the clear. MySQL 4.0 has support for doing this over > > SSL, I think. > > > > ---John Holmes... > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
