Re: [stunnel-users] Stunnel on the same machine

This is a discussion on Re: [stunnel-users] Stunnel on the same machine within the Stunnel Users forums, part of the Networking and Network Related category; After starting stunnel and connecting the mysql client/usr/local/mysql/bin/mysql -h 127.0.0.1 -u root -...


Go Back   Usenet Forums > Networking and Network Related > Stunnel Users

Reload this Page Re: [stunnel-users] Stunnel on the same machine

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 10-05-2007
subrata@indiatimes.com
 
Posts: n/a
Default Re: [stunnel-users] Stunnel on the same machine
After starting stunnel and connecting the mysql client/usr/local/mysql/bin/mysql -h 127.0.0.1 -u root -p the flow gets stuck at the Enter password prompt any suggestions how to proceed from there.

Subrata

----- Original Message -----
From: Peter Pentchev <roam@ringlet.net>
To: Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com>
Cc: stunnel-users@mirt.net
Sent: Fri, 5 Oct 2007 16:48:10 +0530 (IST)
Subject: Re: [stunnel-users] Stunnel on the same machine

On Thu, Oct 04, 2007 at 12:51:53PM -0500, Luis Rodrigo Gallardo Cruz wrote:
> On Thu, Oct 04, 2007 at 06:54:52PM +0530, subrata@indiatimes.com wrote:
> > Hi
> >
> > I want to configure to encrypt mysql both client and server on the same machine. Ie the
> > /usr/local/mysql/bin/mysql -u root -p on the same machine where my mysql daemon is located.
> >
> > How to achieve this.
>
> It's a pointless thing to do. Anyone who could listen in to the
> conversation between the client and daemon can listen to the
> conversation between client and stunnel.

Absolutely correct.

Speaking of MySQL, the recent versions actually have the ability to
encrypt the connection - on the MySQL level, by passing the appropriate
options to the mysql_connect() function or its equivalent, in the language
API used. That is, you can tell the MySQL client to open an encrypted
connection to the server, at which point all the traffic is encrypted,
there is no weak link -- well, except for the possibility of someone
actually tracing the client program, instruction by instruction, examining
its memory space and so on, but I think this is where most people can
safely draw the line of paranoia vs. usability :)

G'luck,
Peter

--
Peter Pentchev roam@ringlet.net roam@cnsys.bg roam@FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
I am not the subject of this sentence.


--
My life has changed. What about yours?
Log on to the new Indiatimes Mail and Live out of the Inbox!
_______________________________________________
stunnel-users mailing list
stunnel-users@mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 12:15 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0