mysql connection through ssl tunnel
John Almberg
jalmberg at identry.com
Tue Oct 21 11:43:38 PDT 2008
On Oct 21, 2008, at 3:44 AM, Matthew Seaman wrote:
> John Almberg wrote:
>
>> I do know that Mysql supports SSL... somehow this got discounted
>> early in the discussion, perhaps mistakenly?
>
> I believe the thinking was that although MySQL claims to support SSL,
> it does in fact make a pretty bodge of it, and a more effective
> approach is to pipe MySQL traffic through an encrypted tunnel.
>
> Personally I just use IPSec for this, but people might also like to
> consider stunnel (http://www.stunnel.org/) or OpenVPN (http://
> openvpn.net/)
Stunnel and OpenVPN are on my list, in case autossh has unexpected
problems, but I figured I'd try the simplest approach first.
Other than figuring out what holes to poke in the firewalls, autossh
was pretty simple to set up.
Now I just need to figure out how to start it on reboot, but that is
something I've been meaning to learn, anyway, so I don't mind.
I appreciate your help.
-- John
More information about the freebsd-questions
mailing list