Re: [stunnel-users] Stunnel on the same machine
This is a discussion on Re: [stunnel-users] Stunnel on the same machine within the Stunnel Users forums, part of the Networking and Network Related category; --===============0590902030== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cvVnyQ+4j833TQvp" Content-...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-05-2007
|
|||
|
|||
Re: [stunnel-users] Stunnel on the same machine
--===============0590902030== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cvVnyQ+4j833TQvp" Content-Disposition: inline --cvVnyQ+4j833TQvp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 04, 2007 at 12:51:53PM -0500, Luis Rodrigo Gallardo Cruz wrote: > On Thu, Oct 04, 2007 at 06:54:52PM +0530, subrata@indiatimes.com wrote: > > Hi > >=20 > > I want to configure to encrypt mysql both client and server on the same= machine. Ie the=20 > > /usr/local/mysql/bin/mysql -u root -p on the same machine where my mysq= l daemon is located. > >=20 > > How to achieve this. >=20 > It's a pointless thing to do. Anyone who could listen in to the > conversation between the client and daemon can listen to the > conversation between client and stunnel. Absolutely correct. Speaking of MySQL, the recent versions actually have the ability to encrypt the connection - on the MySQL level, by passing the appropriate options to the mysql_connect() function or its equivalent, in the language API used. That is, you can tell the MySQL client to open an encrypted connection to the server, at which point all the traffic is encrypted, there is no weak link -- well, except for the possibility of someone actually tracing the client program, instruction by instruction, examining its memory space and so on, but I think this is where most people can safely draw the line of paranoia vs. usability :) G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@cnsys.bg roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 I am not the subject of this sentence. --cvVnyQ+4j833TQvp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHBh1y7Ri2jRYZRVMRAmvZAKCNbYkUrv0XaU2FI25RJH qh3E3zNQCdHKvy 7tiNbBtiwnp4j8wR6Ci5O9w= =JHvG -----END PGP SIGNATURE----- --cvVnyQ+4j833TQvp-- --===============0590902030== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users --===============0590902030==-- 
|
Linear Mode
