nice, will consider this option. Im going to do some testing this weekend. i just got the redhat hardware today, as well as ldom and lpar for solaris and aix
thanks. --- On Fri, 10/22/10, fooler mail <[email protected]> wrote: > From: fooler mail <[email protected]> > Subject: Re: [plug] SSH port forwarding to encrypt database connection > To: "Philippine Linux Users' Group (PLUG) Technical Discussion List" > <[email protected]> > Date: Friday, 22 October, 2010, 1:40 PM > On Fri, Oct 22, 2010 at 9:05 AM, > Philip Morales <[email protected]> > wrote: > > exactly this will be implemented to almost one > thousand database servers. connection needs to be stable, > since ssh port forwarding cannot > > act as a daemon if anything disrupts connection the > tunnel will have to be manually reconnected again to resume > database connectivity. > > > > im thinking of putting a dedicated ssh tunnelling > jumphost cluster for this. > > > > if you insist to use SSH as VPN then on the client side use > "-w" > parameter and on the server side use "PermitTunnel yes" > with the help > of public key authentication without passphrase and a loop > script for > auto reconnection... you must use tun(4) device, configure > the > point-to-point link and add static route on both sides to > reach their > network.. > > fooler. > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
