Re: Connect to postgres from a dynamic IP
Hello,
Jorge Godoy wrote:
Em Monday 03 March 2008 08:08:36 Raymond O'Donnell escreveu:
On 03/03/2008 11:01, dfx wrote:
The question il: Is there a method to avoid to insert the addesses of
the clients in the pg_hba.conf and to allow connections from internet
with security assured only by username and password?Yes, that's what people have been explaining: you insert a line
something like:host [database] [user] 0.0.0.0/0 md5
But make it "hostssl" instead of "host", to require some cryptography in the
channel used, specially to authenticate the connection.Opening your access to everyone without crypto sounds like something you don't
want to do. Specially if users can change their own passwords...
Does anybody ever measured performance slowdown for SSL connections?
--
Andrei Kovalevski
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
Managed Services, Shared and Dedicated Hosting
Co-Authors: plPHP, ODBCng - http://www.commandprompt.com/
Import Notes
Reply to msg id not found: 200803030833.29319.jgodoy@gmail.comReference msg id not found: 002a01c87d1d$e29135b0$f400a8c0@SEMPRONReference msg id not found: 47CBDC34.9070407@iol.ieReference msg id not found: 200803030833.29319.jgodoy@gmail.com
Andrei Kovalevski <andyk@commandprompt.com> writes:
Does anybody ever measured performance slowdown for SSL connections?
It's pretty significant percentage-wise on a local-loopback connection,
but for a connection over the open Internet I doubt it'd be an issue.
Unless your data is completely not private I'd recommend SSL for such a
situation.
regards, tom lane