Mike Mascari wrote:
Paul Tillotson wrote:
At my company we are looking at deploying clients for our client/server app outside our firewall, which will then require our postgres box to be internet-accessible. Does anyone out there have experience with this or recommended best practices? We have been looking at either (a) tunnelling everything over ssh, or (b) just making sure that users have "strong" passwords and requiring "md5" authentication in pg_hba.conf.
Our client app is in C# using the postgresql .net data provider.
Is the .net provider capable of an SSL connection? I'd be hesitant to throw around data over the Internet without using SSL for all the various reasons: DNS hijacking, TCP replay, etc.
If not you can tunnel it.
Regards Gaetano Mendola
---------------------------(end of broadcast)--------------------------- TIP 9: the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match