Using SSL security to protect MySQ server

[mparak]

We have setup a host of servers using dynamic IP mapping and while the standard username password seems a reasonable measure of privacy, we need to furhther encrypt the traffic.

SSL seems to be the answer, (If we only knew how to get the Zeos components to be aware of the layer)

Any ideas, ?

Warmest Regards

MParak
Durban

[mdaems]

Hi MParak,

I don't see where SSH comes into play. Maybe because I don't know much about ssh, sorry. So see this answer just as some hints to think about. Let me know if I'm totally wrong.

If your client program using ZEOS is executed on the same machine as the database (using ssh), i don't think there's something between your client program and the database.
If your client program using ZEOS is executed on another machine it uses a tcp/ip-connection to the mysql port on the database server. (unless ssh can provide acess to a named pipe on the database server?????? Would be strange, but you never know) I don't think that has something to do with SSH either. You can encrypt that connection using SSL, but read about that in the mysql manual. I've never done that. But I think ZEOS supports this connections.

Can you connect to the mysql-server using the command line client? How do you do that? Is the command running on the database server or on your local machine?

Mark

[btrewern]

You could tunnel via ssh. I've tried it with VNC and got it working. See here : http://cyberknights.com.au/doc/PuTTY-tu ... HOWTO.html.

Regards,

Ben

[mdaems]

Hi MParak,

Shame on me... Yesterday I read some article on PlanetMysql concerning tunneling a mysql connection. I don't know wether you already have solved the problem, but there's a good paragraph in the mysql online documentation addressing your problem.
http://dev.mysql.com/doc/refman/5.0/en/ ... ff=nopfpls
Maybe you (or somebody else) are helped with this article.

Mark