| From: | Andrei Kovalevski <andyk(at)commandprompt(dot)com> |
|---|---|
| To: | Jorge Godoy <jgodoy(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org, rod(at)iol(dot)ie, dfx(at)dfx(dot)it |
| Subject: | Re: Connect to postgres from a dynamic IP |
| Date: | 2008-03-02 16:56:18 |
| Message-ID: | 47CADC32.9070601@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hello,
Jorge Godoy wrote:
> Em Monday 03 March 2008 08:08:36 Raymond O'Donnell escreveu:
>
>> On 03/03/2008 11:01, dfx wrote:
>>
>>> The question il: Is there a method to avoid to insert the addesses of
>>> the clients in the pg_hba.conf and to allow connections from internet
>>> with security assured only by username and password?
>>>
>> Yes, that's what people have been explaining: you insert a line
>> something like:
>>
>> host [database] [user] 0.0.0.0/0 md5
>>
>
> But make it "hostssl" instead of "host", to require some cryptography in the
> channel used, specially to authenticate the connection.
>
> Opening your access to everyone without crypto sounds like something you don't
> want to do. Specially if users can change their own passwords...
Does anybody ever measured performance slowdown for SSL connections?
--
Andrei Kovalevski
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
Managed Services, Shared and Dedicated Hosting
Co-Authors: plPHP, ODBCng - http://www.commandprompt.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Karl Denninger | 2008-03-02 19:41:34 | 8.2.6 > 8.3 blows up |
| Previous Message | Bruce Momjian | 2008-03-02 12:37:51 | Re: Understanding ps -ef "command" column |