[unisog] Encrypted tunnels for mysql

Andreas Östling andreaso at it.su.se
Tue Jun 28 08:20:01 GMT 2005


Usually kind of like that, with restricted public keys to to only permit 
forwarding to localhost:port and from specific hosts and without shell 
access and so on. 'command=...', 'permitopen=...', 
'no-blablabla-fowarding', 'no-pty' and the like are useful. You can 
open the tunnel in either direction too.

/Andreas


On Tuesday 28 June 2005 07:04, Russell Fulton wrote:
> Hi,
>    I have a bunch of snort sensors that log back to a central mysql
> server and I would like to  'secure' this traffic.  The only really
> sensitive info is actually the password but that's enough to make it
> worth doing.   I know I can do this with 'ssh db-box -L
> 13306:localhost:3306' (if I got that right) but it isnt ideal so how
> do others do this?
>
> Cheers and thanks, Russell


More information about the unisog mailing list