Thanks for your insight, Rick. I am the server provider :)
On Sunday, February 16, 2014 4:56:32 PM UTC-8, Rick wrote: > > > > On Saturday, February 15, 2014 4:46:54 PM UTC-5, Eric Hayes wrote: >> >> >> I'm wonder how most people securely connect to a Postgres database on a >> server separate from the app server. >> >> The ActiveRecord docs for a MySQL connection have explicit SSL options, >> whereas with Postgres it seems one would pass SSL options as documented for >> libpq. >> >> However a quick Googling returns SO threads with suggestions to use SSH >> tunnels. Which I guess could be managed with something like AutoSSH. >> >> I'd love to hear from anyone with experience with this. Is one method >> faster than the other, or easier to maintain? —Thanks! >> > > If your remote PostgreSQL server has ssl capability compiled in (look for > Secure TCP/IP Connections with SSL in the PostgreSQL docs), this would be > the preferred way to go. The connection status is visible to your app > because the secure channel is established between libpg and the remote > host. Running through an SSH tunnel has the added baggage of startup and > health monitoring, along with a restart policy as required. There may also > be a run time penalty (not sure on this one) on communication cost. In > either case, you want to use an MD5 password to establish the connection to > the server. > > You should probably get familiar with the normal PostgreSQL options and > start a conversation with your server provider. > > Rick > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscr...@googlegroups.com. To post to this group, send email to rubyonrails-talk@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/b371a3e8-25f5-4284-aeec-68fa5a561371%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
