[nycbug-talk] Postgresql remote connection security

Marco Scoffier marco at metm.org
Thu Feb 1 19:44:26 EST 2007

Hey all,

Just putting out feelers about how you feel about the security of the
postgresql remote connection auth types

I am setting up a new box with a couple jails and rather than run a
different database in each jail, I thought I would consolidate the
databases for different applications into one postgresql instance (you
know like a real database).

I have control over both the client IPs and the server of course, and
was going to use md5 auth-type.  Any concerns ?  Should I use ident ?
It seems that if I had large numbers of users from different clients
machines I would need ident, but I am not too clear on the difference.

I was not planning to use SSL for all the web-site back-end connections
(because it's all public information anyway).  But will use SSL for the
one webmail application.  SSL protects against snooping the connection,
but would it protect against snooping the password also?

Anyway, sorry about these basic questions 
Just looking for thoughts, 
or to hear from others doing similar things.



More information about the talk mailing list