Skip site navigation (1) Skip section navigation (2)

Re: ssl tunneling in postgres 8.1

From: "P Kapat" <kap4lin(at)gmail(dot)com>
To: pgsql-novice(at)postgresql(dot)org
Subject: Re: ssl tunneling in postgres 8.1
Date: 2008-11-19 20:55:50
Message-ID: (view raw or whole thread)
Lists: pgsql-novice
Tom, thanks again for correcting the confusion and my lack of
knowledge in SSH tunneling.

On 11/19/08, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "P Kapat" <kap4lin(at)gmail(dot)com> writes:
>> The suggested commands are:
>> client$ ssh -L joe(at)foo(dot)com
>> client$ psql -h localhost -p 3333 postgres
>> They are just INCOMPLETE, half-baked mess :( In fact, they are simply
>> wrong!
> They're not wrong.  There's still something funny about your setup
> if that doesn't work ...

OK, agreed, it is not wrong, but it is certainly not transparent
either. If I understand the things now, the documentation as is  (-L works as long as

listen_addresses = '*'  OR listen_addresses = 'a.b.c.d' (where a.b.c.d
is the IP of

in postgresql.conf. Am I right? If so, is this obvious from the online
documentation? Unfortunately, it wasn't to me!

>> The correct commands are (at least the ones that worked in my case):
>> client$ ssh -R 5432:localhost:3333 -L 3333:localhost:5432 joe(at)foo(dot)com
> The -R switch is useless here.  The important point AFAICT is that you
> used localhost rather than in the -L switch.  That name is being
> evaluated at the remote end.  What I suppose is happening is that the
> Postgres server is configured to listen to (ie, "localhost")
> but not its external IP address (whatever "" resolves as).

Precisely, that is the configuration: " listen_addresses = 'localhost'
".... In which case, " -L 3333:localhost:5432 " has to be used.
Shouldn't this be mentioned in the documentation? This whole thing is
not trivial!!!

> 			regards, tom lane

Thanks again for the help, sincerely appreciated.

--------------------------------------  #402424

In response to


pgsql-novice by date

Next:From: Obe, ReginaDate: 2008-11-19 21:46:31
Subject: Re: ssl tunneling in postgres 8.1
Previous:From: P KapatDate: 2008-11-19 20:40:14
Subject: Re: ssl tunneling in postgres 8.1

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group