>
> I'm talking with the boss about Postgres and the conversation turned to
> security. What kind of security features does Postgres have? I'm aware of the
> host-based authentication in pg_hba.conf. Are the actual connections to the
> database (SQL queries and what they return) encrypted?
The fe-/be-protocol isn't crypted.
You could use ssh in background with -L to establish crypted
connections. The scenario would look like:
local system Network db-server
-----------------------------|----------|-------------------------
ssh.in_background ---------> sshd
dbclient -> ssh.port_5439 -crypted-> sshd.remote -> postmaster
You cannot use pg_hba.conf any more, because the socket
connection between the remote sshd and the postmaster would
allways look as if it's coming from root on the db-server.
But any packet transferred on the network is crypted, so
sending passwords isn't a problem any more.
Jan
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#========================================= [EMAIL PROTECTED] (Jan Wieck) #
