Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have a security consultant demanding that we implement encrypted connections to mySQL. He is concerned that the username and pass for the db are being sent cleartext when we connect.
The mysql server is on the same network as the scripts though not the same physical machine. So the credentials will not be passed externally and should be fine unless the server is already compromised.
Am I right that SSL would be overkill?
If you need to implement this security measure, I would set up an encrypted SSH tunnel. On the web server:
ssh -L 3306:localhost:3306 -N someuser@mysql.server.addressThen connect to MySQL on 127.0.0.1 in your web app, and it will be forwarded to the remote MySQL server over an encrypted SSH tunnel.