Well, you would only need to setup a single ssh tunnel. All your different apps could then use the single tunnel. You could even setup RSA authentication so that it could start manually with no password entering required. Have it automatically come up on boot, etc.
MySQL has no encryption built-in, as far as I know. I would be surprised if it did. The correct way would be to use an established mechanism for secure communications such as ssh or ipsec instead of re-implementing basically the same thing in the application. I would not so much recommend pptp. SSH would likely be much easier to setup (especially if you're already using unix-like machines on both the client and server) and definately more secure. IPSEC would also be significantly more difficult, but you wouldn't have to worry so much about the secure session going down. --Doug On Thu, Nov 06, 2003 at 12:12:14PM -0600, Andrew Falgout wrote: > Thanks for the quick response. I've never setup an ipsec before. I have > been toying with the idea of using cipe to create a PPTP virtual network for > the server to talk on. But the time to work on this project has not > presented itself as of yet. I was wondering if there was an interface > within mysql that would allow for encrypted traffic. The majoroity of my > connection are cron jobs doing automated tasks, an ssh connection feels > icky. (Yes.. a technical term) > > ----- Original Message ----- > From: "Doug Clements" <[EMAIL PROTECTED]> > To: "Andrew Falgout" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Thursday, November 06, 2003 12:03 PM > Subject: Re: mysql network security > > > > On Thu, Nov 06, 2003 at 11:41:54AM -0600, Andrew Falgout wrote: > > > Does anyone know of a method for encrypting the network traffic to and > from a mysql database running on Redhat ES 2.1? At the moment, only perl > automation and php web pages are accessing the database. > > > > You could tunnel your connections over an ssh tunnel, or setup an ipsec > tunnel. > > > > --Doug > > > > -- > > MySQL General Mailing List > > For list archives: http://lists.mysql.com/mysql > > To unsubscribe: > http://lists.mysql.com/[EMAIL PROTECTED] > > > -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
