I've been able to get both the SSH and SSL connections working very easily with the mydirect.net connector.
I'd like to use SSL, but I think SSH might be more secure. In order to use SSL over the internet, I'd have to expose the mysql server port and use the GRANT syntax to make sure logins are required to use SSL.
Is SSL safe to use over the internet?
My question, can you give me, in your professional opinion, a recommendation on which to use?
SSH or SSL
-
- Posts: 729
- Joined: Thu 13 Dec 2007 10:24
It depends on the system architecture and requirements.
If you need a secured connection you might use SSL.
If you require tunnelling, SSH would be suitable.
For more information please refer to:
http://seifried.org/security/cryptograp ... l-ssh.html
If you need a secured connection you might use SSL.
If you require tunnelling, SSH would be suitable.
For more information please refer to:
http://seifried.org/security/cryptograp ... l-ssh.html
Right.Alexey.mdr wrote:It depends on the system architecture and requirements.
If you need a secured connection you might use SSL.
If you require tunnelling, SSH would be suitable.
For more information please refer to:
http://seifried.org/security/cryptograp ... l-ssh.html
But is it more secure to tunnel ( because a firewall is blocking port 3306) or is it ok to open up port 3306 to your mysql and enforce SSL?
The article you linked me claimed it was written in 2000, 8 years ago. Does that still apply today?
-
- Posts: 729
- Joined: Thu 13 Dec 2007 10:24
Well, actually yes. The link is really quite old, but the main principles haven't changed from that time.
The ideas are basically the same.
Here are some features of SSL and SSH.
SSL:
The data exchange is fully secured.
The ideas are basically the same.
Here are some features of SSL and SSH.
SSL:
- you have to open the port for data flow (like 3306).
- MySQL server must support SSL
- you need a special proxy SSH server
- SSH doesn't require an open data flow port, as you may use port # 80.
The data exchange is fully secured.