Received: from localhost.localdomain (postgresql.org [64.49.215.8]) by localhost (Postfix) with ESMTP id 1CB04475B25 for ; Wed, 22 May 2002 21:50:39 -0400 (EDT) Received: from smtp.investsystems.co.uk (unknown [62.49.196.163]) by postgresql.org (Postfix) with SMTP id 04BB3475A8A for ; Wed, 22 May 2002 21:50:38 -0400 (EDT) Received: (qmail 56066 invoked from network); 23 May 2002 01:50:41 -0000 Received: from ponder.fairway2k.co.uk (nandrews@172.31.1.3) by hex.fairway2k.co.uk with SMTP; 23 May 2002 01:50:41 -0000 Date: Thu, 23 May 2002 02:50:41 +0100 (BST) From: "Nigel J. Andrews" X-Sender: nandrews@ponder.fairway2k.co.uk To: Bear Giles Cc: pgsql-hackers@postgresql.org Subject: Re: 2nd cut at SSL documentation In-Reply-To: <20020521195038.6450a7b7.nconway@klamath.dyndns.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Archive-Number: 200205/923 X-Sequence-Number: 23128 > On Tue, 21 May 2002 14:27:00 -0600 (MDT) > "Bear Giles" wrote: > > A second cut at SSL documentation.... > [snip] > > To set up a SSH/OpenSSH tunnel, a shell account for each > > user should be set up on the database server. It is acceptable > > for the shell program to be bogus (e.g., /bin/false), if the > > tunnel is set up in to avoid launching a remote shell. > > > > On each client system the $HOME/.ssh/config file should contain > > an additional line similiar to > > > > LocalForward 5555 psql.example.com:5432 I'm coming to this party a bit late in that this is the first I've read the documentation. I'm also a bit of a newbie when it comes to SSH and I've not investigated ssh3 at all yet. However, isn't this assuming ssh1 only? I know ssh2 will fallback to ssh1 compatibility but should there be something about configuring for the later versions? -- Nigel J. Andrews Director --- Logictree Systems Limited Computer Consultants