On Wednesday 08 September 2004 11:19 am, Chris Ess wrote:
> > I'd like to connect via an encrypted shell, like SSH, but I'd
> > also like the connection to be persistent, to avoid connection
> > costs for batch operations. I'd also like to provide a FIFO
> > queue mechanism so that if the mail server reboots, anyone
> > working on the billing server won't get error messages when
> > they attempt to provision services. Then, when the mail server
> > comes back up, the SSH tunnel is re-established and the
> > queued operations begin to execute.
> >
> > However, so far in my google searches I haven't seen anything
> > that would help me implement a persistent SSH connection
> > with a FIFO queue.
> >
> > Can anyone give me tips?
> Have you considered....
> 1. A VPN between the two?

solves encryption, but not persistence. Also, that's a rather heavy-weight

> 2. Using an on-demand connection method rather than a persistent method?

Trying to avoid it. Our CSRs see the billing server pause while the hook
executes to provision a service. I want to keep that pause time to a minimum.

> 3. Just connecting to a dedicated socket or service rather than SSH?

Not secure, and how would that work? I thought vpopmail's only manipulation
system is either SQL or command line based...

> 4. The security issues inherent in connecting your billing server to your
> mailserver?

Sure. People do it all the time, right?

> To keep this topic vaguely vpopmail-related, have you considered keeping
> all of the necessary vpopmail information (or at least most of it) in a
> MySQL database or some other separate data repository and having something
> on your billing server update that?

It's been suggested. I'm not happy with that solution though. I'd rather keep
it command line based.

> (Or, alternatively, why not run the 
> MySQL database on your billing server if you go that route?

Kills scalability. Bad solution.

Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)

Reply via email to