Skip site navigation (1) Skip section navigation (2)

Re: pg_hba.conf

From: jseymour(at)linxnet(dot)com (Jim Seymour)
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: pg_hba.conf
Date: 2004-05-26 15:34:32
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-admin
Note: Please do NOT Cc: me on replies to the mailing list.  I read the
mailing list.  One copy of your comments is sufficient.  Thank you.

> Thanks Mike!
> Do you know if pgSQL will be supporting higher level of encryption in
> the near future? Most of us here at Ameritrade work from home via VPN.=20

As I told "mike g": pgsql's encryption has *nothing* to do with your
VPN's encryption.  I'm running a sort of a VPN, using port-
forwarding over OpenSSH.  In fact, from work just now...

From an xterm...
$ ssh -C -c blowfish -2 -L

What that command says is to do an SSH login to
and port-forward port 57001 on the local machine to port 5432 on  The "-C" says to use data compression on the
session.  The "-c blowfish" says to encrypt the session using the
Blowfish encryption algorithm.

From another xterm...
$ psql -h -p 57001
Welcome to psql 7.4.2, the PostgreSQL interactive terminal.

Type:  \copyright for distribution terms
       \h for help with SQL commands
       \? for help on internal slash commands
       \g or terminate with semicolon to execute query
       \q to quit


That is the pgsql server on my machine at home.

Now, in my case, it's simplified in that what pgsql sees coming in is
a connection from its own server (localhost), because the connection
is port-forwarded by SSH, rather than routed over a VPN route.  But
that's just a technicality.  The point I'm trying to make is that
pgsql doesn't care, doesn't even *know*, what the VPN connection
uses for encryption--or even that it *is* encrypted.  (Much-less that
my SSH connection travels through an application proxy firewall, 
a NAT'd router, and the Lord knows how many routers and other network
equipment on the way.)


pgsql-admin by date

Next:From: Bruno Wolff IIIDate: 2004-05-26 15:51:48
Subject: Re: table check
Previous:From: Bruno Wolff IIIDate: 2004-05-26 15:29:36
Subject: Re: pg_hba.conf

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group