SSH or SSL

Posted: Mon 17 Mar 2008 18:46
by KW
I've been able to get both the SSH and SSL connections working very easily with the mydirect.net connector.

I'd like to use SSL, but I think SSH might be more secure. In order to use SSL over the internet, I'd have to expose the mysql server port and use the GRANT syntax to make sure logins are required to use SSL.

Is SSL safe to use over the internet?

My question: can you give me, in your professional opinion, a recommendation on which to use?

Posted: Tue 18 Mar 2008 08:02
by Alexey.mdr
It depends on the system architecture and requirements.
If you need a secured connection you might use SSL.
If you require tunnelling, SSH would be suitable.

For more information please refer to:
http://seifried.org/security/cryptograp ... l-ssh.html

Posted: Tue 18 Mar 2008 17:54
by KW
Alexey.mdr wrote: It depends on the system architecture and requirements.
If you need a secured connection you might use SSL.
If you require tunnelling, SSH would be suitable.

For more information please refer to:
http://seifried.org/security/cryptograp ... l-ssh.html
Right.

But is it more secure to tunnel (because a firewall is blocking port 3306) or is it OK to open up port 3306 to your MySQL and enforce SSL?

The article you linked me claimed it was written in 2000, 8 years ago. Does that still apply today?

Posted: Wed 19 Mar 2008 13:26
by Alexey.mdr
Well, actually yes. The link is really quite old, but the main principles haven't changed from that time.
The ideas are basically the same.
Here are some features of SSL and SSH.
SSL:
  • you have to open the port for data flow (like 3306).
  • MySQL server must support SSL
SSH:
  • you need a special proxy SSH server
  • SSH doesn't require an open data flow port, as you may use port # 80.
In both cases you have to do extensive configuration work, but once configured properly you can breathe freely and happily.
The data exchange is fully secured.
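
The "GRANT syntax" mentioned in the first post, together with a check that it is actually enforced, as an added example that is not part of the original thread. The account name `app_user` and the client address `203.0.113.10` are constructed placeholders, and the account is assumed to exist already.

```sql
-- Hypothetical account and client address, constructed for this example.

-- MySQL 5.x (the syntax in use when this thread was written):
-- attach the TLS requirement to the account with GRANT ... REQUIRE.
GRANT USAGE ON *.* TO 'app_user'@'203.0.113.10' REQUIRE SSL;

-- MySQL 5.7 and later: the same requirement via ALTER USER
-- (MySQL 8.0 no longer accepts REQUIRE on GRANT).
ALTER USER 'app_user'@'203.0.113.10' REQUIRE SSL;

-- Audit: accounts that may log in from a non-local host with no TLS
-- requirement at all. If port 3306 is exposed, this should return no rows.
SELECT user, host, ssl_type
FROM mysql.user
WHERE ssl_type = ''
  AND host NOT IN ('localhost', '127.0.0.1', '::1');

-- Run from the client session: an empty Value means the connection
-- is not encrypted, whatever the connector settings say.
SHOW SESSION STATUS LIKE 'Ssl_cipher';
```

`REQUIRE SSL` only forces encryption; `REQUIRE X509` additionally demands a valid client certificate. Restricting the account to a specific host, as above, limits who can even attempt a login when the port is open.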