|
Home > Archive > Slony1 PostgreSQL Replication > September 2005 > SSL + Slony over WAN ...
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
SSL + Slony over WAN ...
|
|
| Marc G. Fournier 2005-09-27, 8:24 pm |
|
I know that PostgreSQL does support it, and we have for awhile ... but, is
there any docs on setting up Slony with SSL for security replication over
a WAN? Or can Slony even do that?
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: scrappy-rZG+BmoqAtU@public.gmane.org Yahoo!: yscrappy ICQ: 7615664
| |
| Dave Page 2005-09-27, 8:24 pm |
|
-----Original Message-----
From: "Marc G. Fournier"<scrappy-rZG+BmoqAtU@public.gmane.org>
Sent: 27/09/05 21:28:58
To: =
"slony1-general- AuKwsB3Fm+ugFIWk8tvy
RWD2FQJk+8+b@public.gmane.org"<slony1-general- AuKwsB3Fm+ugFIWk8tvy
RWD2FQJk+8+b@public.gmane.org=
>
Subject: [Slony1-general] SSL + Slony over WAN ...
> I know that PostgreSQL does support it,=20
> and we have for awhile ... but, is=20
> there any docs on setting up Slony with=20
> SSL for security replication over=20
> a WAN? Or can Slony even do that?
Libpq should handle that - just set the required sslmode in your connect =
strings.
Regards, Dave
-----Unmodified Original Message-----
I know that PostgreSQL does support it, and we have for awhile ... but, =
is=20
there any docs on setting up Slony with SSL for security replication =
over=20
a WAN? Or can Slony even do that?
----
Marc G. Fournier Hub.Org Networking Services =
(http://www.hub.org)
Email: scrappy-rZG+BmoqAtU@public.gmane.org Yahoo!: yscrappy ICQ: =
7615664
____________________
____________________
_______
Slony1-general mailing list
Slony1-general- AuKwsB3Fm+ugFIWk8tvy
RWD2FQJk+8+b@public.gmane.org
http://gborg.postgresql.org/mailman.../slony1-general
| |
| Jan Wieck 2005-09-27, 8:24 pm |
| On 9/27/2005 4:26 PM, Marc G. Fournier wrote:
> I know that PostgreSQL does support it, and we have for awhile ... but, is
> there any docs on setting up Slony with SSL for security replication over
> a WAN? Or can Slony even do that?
Because of some significant redundancy in the transferred data it might
make sense to do it with a compressed ssh-tunnel instead of using
libpq's ssl functionality.
Jan
--
#===================
====================
====================
===========#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#===================
====================
=========== JanWieck- bwPqjjyvM7QAvxtiuMwx
3w@public.gmane.org #
| |
| Dennis Jenkins 2005-09-29, 9:24 am |
|
--- Jan Wieck <JanWieck- bwPqjjyvM7QAvxtiuMwx
3w@public.gmane.org> wrote:
> On 9/27/2005 4:26 PM, Marc G. Fournier wrote:
>=20
> have for awhile ... but, is=20
> security replication over=20
>=20
> Because of some significant redundancy in the
> transferred data it might=20
> make sense to do it with a compressed ssh-tunnel
> instead of using=20
> libpq's ssl functionality.
>=20
>=20
> Jan
>=20
We tried it, but Slony (with ssl) caused our
Postgresql server to segfault inside SHA1-Init(). So
we now use a seperate SSL tunnel and configured Slony
to NOT use ssl. (Just like Jan suggests). It is
working fine so far.
Dennis Jenkins
|
|
|
|
|