Paul Tillotson wrote:
> At my company we are looking at deploying clients for our
> client/server app outside our firewall, which will then require
> our postgres box to be internet-accessible. Does anyone out there
> have experience with this or recommended best practices? We have
> been looking at either (a) tunnelling everything over ssh, or (b)
> just making sure that users have "strong" passwords and requiring
> "md5" authentication in pg_hba.conf.
>
> Our client app is in C# using the postgresql .net data provider.
Is the .net provider capable of an SSL connection? I'd be hesitant
to throw around data over the Internet without using SSL for all the
various reasons: DNS hijacking, TCP replay, etc.
Mike Mascari